urlscan.io logo urlscan.io
SecurityTrails logo

link.tl Open in urlscan Pro
2400:cb00:2048:1::681f:1bd  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://link.tl/CVoL
Effective URL: http://link.tl/a
Submission: On September 04 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 18 domains to perform 48 HTTP transactions. The main IP is 2400:cb00:2048:1::681f:1bd, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is link.tl.
This is the only time link.tl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2400:cb00:204... 13335 (CLOUDFLAR...)
1 1 78.140.191.217 35415 (WEBZILLA)
1 188.72.213.176 35415 (WEBZILLA)
2 6 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 8 2a02:6b8::1:119 13238 (YANDEX)
1 188.72.202.175 35415 (WEBZILLA)
1 2600:9000:200... 16509 (AMAZON-02)
2 185.225.208.133 13213 (UK2NET-AS)
1 188.124.255.98 56630 (MELBICOM-...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 69.4.231.30 36351 (SOFTLAYER)
1 1 23.111.31.135 7979 (SERVERS)
1 2 185.159.81.206 14576 (HOSTING-S...)
1 1 23.111.31.146 7979 (SERVERS)
1 52.222.150.235 16509 (AMAZON-02)
1 67.202.94.86 32748 (STEADFAST)
1 188.72.202.174 35415 (WEBZILLA)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 188.72.213.220 35415 (WEBZILLA)
1 107.182.231.45 29854 (WESTHOST)
1 67.202.94.93 32748 (STEADFAST)
2 104.16.88.26 13335 (CLOUDFLAR...)
7 208.100.17.181 32748 (STEADFAST)
1 208.100.17.184 32748 (STEADFAST)
48 24
8    2400:cb00:2048:1::681f:1bd (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
link.tl
1    78.140.191.217 (Netherlands)

ASN35415 (WEBZILLA, NL)
go.onclasrv.com
1    188.72.213.176 (Netherlands)

ASN35415 (WEBZILLA, NL)
cobalten.com
6    2400:cb00:2048:1::681f:bd (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
link.tl
1    2a00:1450:4001:81a::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
8    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    188.72.202.175 (Netherlands)

ASN35415 (WEBZILLA, NL)
pushance.com
1    2600:9000:200d:a400:f:5f9:f780:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
da3uf5ucdz00u.cloudfront.net
2    185.225.208.133 (None, )

ASN13213 (UK2NET-AS, GB)
widgets.amung.us
1    188.124.255.98 (Russian Federation)

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, NL)
refbanners.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
1    69.4.231.30 (Providence, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: no-rdns.ord02.hostingservicesinc.net
t.dtscout.com
1    23.111.31.135 (Phoenix, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)
sub2.bubblesmedia.ru
2    185.159.81.206 (Meppel, Netherlands)

ASN14576 (HOSTING-SOLUTIONS - Hosting Solution Ltd., US)
PTR: customer.clientshostname.com
torr.mediaget.com
download.mediaget.com
1    23.111.31.146 (Phoenix, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)
ld.mediaget.com
1    52.222.150.235 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-235.fra53.r.cloudfront.net
boudja.com
1    67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us
whos.amung.us
1    188.72.202.174 (Netherlands)

ASN35415 (WEBZILLA, NL)
pushance.com
1    2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    188.72.213.220 (Netherlands)

ASN35415 (WEBZILLA, NL)
rotumal.com
1    107.182.231.45 (New York, United States)

ASN29854 (WESTHOST - WestHost, Inc., US)
PTR: 6bb6e72d.setaptr.net
t.dtscout.com
1    67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us
whos.amung.us
2    104.16.88.26 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.tynt.com
7    208.100.17.181 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip181.208-100-17.static.steadfastdns.net
ic.tynt.com
1    208.100.17.184 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip184.208-100-17.static.steadfastdns.net
de.tynt.com
Domain Requested by
14 link.tl 3 redirects link.tl
8 mc.yandex.ru 1 redirects link.tl
mc.yandex.ru
7 ic.tynt.com link.tl
2 cdn.tynt.com widgets.amung.us
2 rotumal.com link.tl
2 whos.amung.us widgets.amung.us
2 t.dtscout.com widgets.amung.us
2 widgets.amung.us link.tl
2 pushance.com link.tl
pushance.com
1 de.tynt.com cdn.tynt.com
1 www.facebook.com connect.facebook.net
1 boudja.com da3uf5ucdz00u.cloudfront.net
1 download.mediaget.com link.tl
1 ld.mediaget.com 1 redirects
1 torr.mediaget.com 1 redirects
1 sub2.bubblesmedia.ru 1 redirects
1 staticxx.facebook.com connect.facebook.net
1 www.gstatic.com www.google.com
1 connect.facebook.net link.tl
1 refbanners.com link.tl
1 da3uf5ucdz00u.cloudfront.net link.tl
1 www.google.com link.tl
1 cobalten.com link.tl
1 go.onclasrv.com 1 redirects
48 24

This site contains links to these domains. Also see Links.

Domain
www.jetborsa.com
Subject Issuer Validity Valid
www.google.com
Google Internet Authority G3		 2018-08-14 -
2018-10-23		 2 months crt.sh
bs.yandex.ru
Yandex CA		 2017-11-23 -
2019-11-23		 2 years crt.sh
whos.amung.us
GeoTrust EV RSA CA 2018		 2018-03-09 -
2020-05-25		 2 years crt.sh
refbanners.com
Let's Encrypt Authority X3		 2018-07-10 -
2018-10-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-08-14 -
2018-10-23		 2 months crt.sh
boudja.com
Amazon		 2017-11-29 -
2018-12-29		 a year crt.sh
pushance.com
RapidSSL SHA256 CA - G2		 2017-11-30 -
2018-11-30		 a year crt.sh

This page contains 9 frames:

Primary Page: http://link.tl/a
Frame ID: 2561428A670B7DD718881C912B0F32D1
Requests: 34 HTTP requests in this frame

Frame: https://refbanners.com/I?tag=d_92467m_2728c_&site=92467&ad=2728
Frame ID: 58F76B59EFB5D2F482D8E22B740D5845
Requests: 1 HTTP requests in this frame

Frame: http://link.tl/interstitial/links/a?uid=2&ref=
Frame ID: A9F0841FCB891B336999E5570E1C20BF
Requests: 10 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/0P3pVtbsZok.js?version=42
Frame ID: 80F567921972C4E80DEB5DE38C021F5C
Requests: 1 HTTP requests in this frame

Frame: http://download.mediaget.com/mediaget-installer-2/MediaGet_mac.dmg
Frame ID: 30603D767E95336DC641AA60E55F1DCE
Requests: 1 HTTP requests in this frame

Frame: https://boudja.com/MDFKU0gfUidsOkQMOjwlVUMlJjseWCQ1Jw
Frame ID: 660278BFB083AE073F2A1A6BD7EB70D7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=1675675166051329&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0P3pVtbsZok.js%3Fversion%3D42%23cb%3Df3021ca6edcb1a4%26domain%3Dlink.tl%26origin%3Dhttp%253A%252F%252Flink.tl%252Ff1adba311d62178%26relation%3Dparent.parent&container_width=131&href=https%3A%2F%2Fwww.facebook.com%2FJetborsacom-225922364653217%2F&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false
Frame ID: 585B125664A8481C9599D16FFDADF416
Requests: 1 HTTP requests in this frame

Frame: http://rotumal.com/4/1677971/
Frame ID: 790F1AB605882C08FE998C910192D704
Requests: 1 HTTP requests in this frame

Frame: http://rotumal.com/4/839950/
Frame ID: A77BE79EE5E6BB57DB16550A096CD0AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://link.tl/CVoL HTTP 302
    http://link.tl/a Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^swal$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i

Page Statistics

48
Requests

35 %
HTTPS

31 %
IPv6

18
Domains

24
Subdomains

24
IPs

5
Countries

428 kB
Transfer

1503 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.tl/CVoL HTTP 302
    http://link.tl/a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://go.onclasrv.com/apu.php?zoneid=1673618&var=2 HTTP 302
  • http://cobalten.com/apu.php?zoneid=1673618&var=2
Request Chain 13
  • http://connect.facebook.net/tr_TR/sdk.js HTTP 307
  • https://connect.facebook.net/tr_TR/sdk.js
Request Chain 20
  • http://link.tl/api/xml/download?ref=Link.TL%20-%20k%C4%B1salt,%20payla%C5%9F%20ve%20kazan! HTTP 302
  • https://sub2.bubblesmedia.ru/sb/clk/s/1686/h/66b071/o/145/sub/0?a=1&cb=1&f=dosya HTTP 302
  • http://torr.mediaget.com/torr.php?r=link.tl&bbl=1&f=dosya&bbls_client_id=888556456&bbl_clk_id=217260-1536045463&use_f=1 HTTP 302
  • http://ld.mediaget.com/index4.php?l=&r=link.tl&f=dosya&bbls_client_id=888556456&bbl=1&bbl_clk_id=217260-1536045463&use_f=1 HTTP 302
  • http://download.mediaget.com/mediaget-installer-2/MediaGet_mac.dmg
Request Chain 21
  • https://mc.yandex.ru/watch/22212574?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A436990610%3Ahid%3A36954189%3Ads%3A0%2C0%2C214%2C6%2C487%2C487%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A819%3Awn%3A60370%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan! HTTP 302
  • https://mc.yandex.ru/watch/22212574/1?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A436990610%3Ahid%3A36954189%3Ads%3A0%2C0%2C214%2C6%2C487%2C487%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A819%3Awn%3A60370%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Request Chain 31
  • http://link.tl/api/xml/redirect?uid=2&ref= HTTP 302
  • http://rotumal.com/4/1677971/

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set a
link.tl/
Redirect Chain
  • http://link.tl/CVoL
  • http://link.tl/a
21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://link.tl/a
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
170ab0a54931ef46c9cd309a41dea01b353b5a84d9820aa05f2838b0ba19569c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
link.tl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6ImtqYkVNQU9GblY3WTg4U2pNRVp0YVE9PSIsInZhbHVlIjoiT1BVazRXbE9mUGVcL3VpVDNQWitFXC9LRkc1dThueDJoOFwvc2hUWURmQVwvQzBNZjB2RTQ4dHlGS2h3a29MZXNTQ1lzaUNndjFGbUhxZFJqdWIrTXd3V3NRPT0iLCJtYWMiOiI5YzRmNjEwMTE1MzUyYTVhNTJmNTU2OGI4YTNhYzZmZmNlNDdjNTY4ODRjZGViOWQyNDAzMDRiMjI5NWU4ZDkwIn0%3D; sys_session=eyJpdiI6IjlwQ2ZMZ05KaktSS21xK3RSQkpPTkE9PSIsInZhbHVlIjoiVjI1QVNlVlRTZnJGMExURnVkZFpZSHRXTGVJOUxyMDlXbk15V28xMXBzQ2VQaGtUZFhpMEFXczhSaE9JYzZtUWdRYlFHd21UandIS0pSOWZYSXpmekE9PSIsIm1hYyI6IjQ3MTQxYjYwYjliN2FmNjEyNzliZDQ4YWUzMmNmODI4Yzk4MmE5YTU2NGY5MDg2MzdlMTBiOTBmNDJhZDA0MzQifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, private
X-Frame-Options
DENY
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; expires=Tue, 04-Sep-2018 09:17:40 GMT; Max-Age=7200; path=/ sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; expires=Tue, 04-Sep-2018 09:17:40 GMT; Max-Age=7200; path=/; httponly ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D; expires=Tue, 04-Sep-2018 20:59:40 GMT; Max-Age=49320; path=/; httponly
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
X-Content-Type-Options
nosniff
Server
cloudflare
CF-RAY
454ead8046ddbed0-FRA
Content-Encoding
gzip

Redirect headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; expires=Wed, 04-Sep-19 07:17:40 GMT; path=/; domain=.link.tl; HttpOnly XSRF-TOKEN=eyJpdiI6ImtqYkVNQU9GblY3WTg4U2pNRVp0YVE9PSIsInZhbHVlIjoiT1BVazRXbE9mUGVcL3VpVDNQWitFXC9LRkc1dThueDJoOFwvc2hUWURmQVwvQzBNZjB2RTQ4dHlGS2h3a29MZXNTQ1lzaUNndjFGbUhxZFJqdWIrTXd3V3NRPT0iLCJtYWMiOiI5YzRmNjEwMTE1MzUyYTVhNTJmNTU2OGI4YTNhYzZmZmNlNDdjNTY4ODRjZGViOWQyNDAzMDRiMjI5NWU4ZDkwIn0%3D; expires=Tue, 04-Sep-2018 09:17:39 GMT; Max-Age=7200; path=/ sys_session=eyJpdiI6IjlwQ2ZMZ05KaktSS21xK3RSQkpPTkE9PSIsInZhbHVlIjoiVjI1QVNlVlRTZnJGMExURnVkZFpZSHRXTGVJOUxyMDlXbk15V28xMXBzQ2VQaGtUZFhpMEFXczhSaE9JYzZtUWdRYlFHd21UandIS0pSOWZYSXpmekE9PSIsIm1hYyI6IjQ3MTQxYjYwYjliN2FmNjEyNzliZDQ4YWUzMmNmODI4Yzk4MmE5YTU2NGY5MDg2MzdlMTBiOTBmNDJhZDA0MzQifQ%3D%3D; expires=Tue, 04-Sep-2018 09:17:39 GMT; Max-Age=7200; path=/; httponly
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Location
http://link.tl/a
X-Frame-Options
DENY
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
X-Content-Type-Options
nosniff
Server
cloudflare
CF-RAY
454ead7d45e2bed0-FRA
jquery-2.1.4.min.js
link.tl/themes/ax/plugins/jquery/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://link.tl/a
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Last-Modified
Tue, 05 Dec 2017 21:05:33 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead81a744bed0-FRA
Content-Length
34418
Expires
Wed, 05 Sep 2018 22:18:32 GMT
apu.php
cobalten.com/
Redirect Chain
  • http://go.onclasrv.com/apu.php?zoneid=1673618&var=2
  • http://cobalten.com/apu.php?zoneid=1673618&var=2
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cobalten.com/apu.php?zoneid=1673618&var=2
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
188.72.213.176 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
c951e135943eb002a5eeeb1dc00dfde4713117871c849521b14dae1750876019
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Strict-Transport-Security
max-age=1
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/html
Location
http://cobalten.com/apu.php?zoneid=1673618&var=2
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
pop-n.js
link.tl/js/ 		779 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
http://link.tl/js/pop-n.js
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aed609a44c1d6b6e1d0c23874d2f02a292cce43fcac25bbccf6253573cea969
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://link.tl/a
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Cf-Polished
origSize=1321
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 29 Aug 2018 22:16:02 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Expires
Wed, 05 Sep 2018 22:18:29 GMT
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
CF-RAY
454ead81a3b626d2-FRA
Cf-Bgj
minify
panel.png
link.tl/storage/images/logo/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://link.tl/storage/images/logo/panel.png
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1bfb0d679aa88756eb2fbea31f6442581a1ffc77e547593889d573f517415c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://link.tl/a
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Last-Modified
Tue, 05 Dec 2017 21:16:59 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead822766bed0-FRA
Content-Length
39866
Expires
Wed, 05 Sep 2018 22:18:12 GMT
incognito-browser.js
link.tl/themes/ax/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://link.tl/themes/ax/js/incognito-browser.js
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
109060f7adb8a608724603a071ce15da0e4957885123056b72375fa80d7b49ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://link.tl/a
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Last-Modified
Wed, 20 Dec 2017 23:13:10 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead81b74bbed0-FRA
Content-Length
1959
Expires
Thu, 06 Sep 2018 01:07:53 GMT
api.js
www.google.com/recaptcha/ 		837 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
72a2b42dc8e3f13c6d60273fe9464600e458c531d4121e7b568994a73efac20e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 04 Sep 2018 07:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
469
x-xss-protection
1; mode=block
expires
Tue, 04 Sep 2018 07:17:40 GMT
watch.js
mc.yandex.ru/metrika/ 		123 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
1929b91a5f21e8246e85f402ca74404064da6240eb96f6938b40c33ac8886c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Aug 2018 08:39:58 GMT
Server
nginx/1.12.2
ETag
"5b7e72de-a6f2"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
42738
Expires
Tue, 04 Sep 2018 08:17:41 GMT
ntfc.php
pushance.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pushance.com/ntfc.php?p=1703107
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
188.72.202.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
683b78434696694bec982d847075ef8d05f69c098ec74fba5892cd49a7f7ef57
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Strict-Transport-Security
max-age=1
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
da3uf5ucdz00u.cloudfront.net/ 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://da3uf5ucdz00u.cloudfront.net/?ufuad=743713
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
2600:9000:200d:a400:f:5f9:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
980ce08b84248ef3e7bc6d36eb4f4ed32bc6f04dc5ba77c4e5f3f2891d507e7f

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
X-Amz-Cf-Id
WqlGNXZa5xFHHNbVYED7WBwA2kfIqhUePozTscApoqLjRyJG57LB1A==
Via
1.1 e4438a14707a01f6102dc21875d75080.cloudfront.net (CloudFront)
tab.js
widgets.amung.us/ 		28 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.amung.us/tab.js
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
8a7bbab79b11fd9be10b470d6644862d7fa3f06100e74bee366c033cfc53bcac

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 04 Sep 2018 07:17:40 GMT
content-encoding
gzip
last-modified
Tue, 17 Jul 2018 21:46:33 GMT
etag
W/"5b4e63b9-6e99"
status
200
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private
expires
Wed, 05 Sep 2018 07:17:40 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47cc2c589d05a9dd21bc95102f48ec4e60e198c6b17da4381e4a05b5b64bdbc7

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
Cookie set a
link.tl/ 		21 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://link.tl/a
Requested by
Host: link.tl
URL: http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a5d5babf27ce2841a8494a8e549b153661df7dfdcfcfc440689ed33524536d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://link.tl/a
X-Requested-With
XMLHttpRequest
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Accept
*/*
Referer
http://link.tl/a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlJPZUFEUUFXemU1K0xiRGRKektnQkE9PSIsInZhbHVlIjoiVU00XC9UbGFlaTBJMW4ybUt4YVNmUzQ5c0VlOWtoMkF6WlZqRTBEQm9POUREMUlJcTlvYjRWZGVIWFBkVUN3c0VUb0p1Q0RVV0h5T2lUV0hteHBnVmtBPT0iLCJtYWMiOiI1MmIwOGMzZjJlNTJjODFkZDU3NWUxY2E4NzE5OGFiNTk5NTFkMDk5MjAzMGU4ZDY2MTk2MzA5ZWU2MzNiODEwIn0%3D; expires=Tue, 04-Sep-2018 09:17:40 GMT; Max-Age=7200; path=/ sys_session=eyJpdiI6ImdMb2ZzTWNUN0IxZlY3dFRlTnJHeGc9PSIsInZhbHVlIjoiTU1tQjN1RHE0SHFcL0RQUHpYYlVramN5R1h4bFBjQUc1M1pkcFhFOFwvaWZOYmxzWENRdElyTjJNalI0T3Q5SUw0bzRiZnhMTzRsUDdIeU1Sbms4QWgrZz09IiwibWFjIjoiMTE2ZjcwZmUwN2QwYmNmNGEwODVkY2ExYTI2YWU4ZjA2YTMwOWQ3YzlkNDg2NzI0ZmE3ZmY2ZTIxMjQ0NGRlZSJ9; expires=Tue, 04-Sep-2018 09:17:40 GMT; Max-Age=7200; path=/; httponly ax_skip=eyJpdiI6IkF0alM5MzN1eG81cmczNWpvTWhsYmc9PSIsInZhbHVlIjoiQzRPYVRkMDNcLzR5MXA2eE1CWlpYXC9Fd2tWczRzbUs1U0M5aWo3bVZVWlFoc3E1R0ZVbzhFalIrNm8xdVRrSEpKIiwibWFjIjoiMzlmMGFiYjE3ZDcwMjc5MWY2NTM5N2YyMDE4YjIzODZhODBhYzJhMTM1Zjk1MzQwMmNlNzZiN2RkZDI0OTZkMiJ9; expires=Tue, 04-Sep-2018 20:59:40 GMT; Max-Age=49320; path=/; httponly
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
454ead8223cf26d2-FRA
Vary
Accept-Encoding
I
refbanners.com/ Frame 58F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://refbanners.com/I?tag=d_92467m_2728c_&site=92467&ad=2728
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.124.255.98 , Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
refbanners.com
:scheme
https
:path
/I?tag=d_92467m_2728c_&site=92467&ad=2728
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://link.tl/a
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/a

Response headers

status
200
server
nginx
date
Tue, 04 Sep 2018 07:17:40 GMT
content-type
text/html; charset=utf-8
content-length
414
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
x-aspnetmvc-version
5.0
strict-transport-security
max-age=15768000
sdk.js
connect.facebook.net/tr_TR/
Redirect Chain
  • http://connect.facebook.net/tr_TR/sdk.js
  • https://connect.facebook.net/tr_TR/sdk.js
231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/tr_TR/sdk.js
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
9e175e088d0708199fbc1d5688fa244c071d34a55b2a38f0a1669827f76d9611
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
rCfFMydJRo9pUuVFG24HuQ==
status
200
content-length
71777
x-xss-protection
0
x-fb-debug
+Ht3DY4gtWHTPCul3wReKcLeDeu7IghEYDqbx8YUZWC48C83I6G1X8DREL6/bjivcW9VQO5KtMjTPxVfT8oHrQ==
x-fb-content-md5
4a0e018863252a3935b036efcba377e2
x-frame-options
DENY
date
Tue, 04 Sep 2018 07:17:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"03a179f428fcf5681f98c4e074e7f02a"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Tue, 04 Sep 2018 07:20:16 GMT

Redirect headers

Location
https://connect.facebook.net/tr_TR/sdk.js#xfbml=1&version=v2.5&appId=1675675166051329
Non-Authoritative-Reason
HSTS
Cookie set a
link.tl/interstitial/links/ Frame A9F0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://link.tl/interstitial/links/a?uid=2&ref=
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ff233f64dbe8e19bb25f65e17de761485a4311f57edf934219058832f1af03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
link.tl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://link.tl/a
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/a

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6IjI4dXNMdE45K0JKb0pJemIrR0xLS3c9PSIsInZhbHVlIjoidzZVOFZCUmd2ZXRWVFFcL0tWemVxK2NZSk0wTWp6WkR1ZUFMOWZ2UGZBZW9sU3k5Z1EwYWtcL2hmTnVGUWQ2aE9PdkRvajdSOHJcL2lJbWthaDJSZmlFVFE9PSIsIm1hYyI6IjUwZjZkMzZmNTRhMmYzY2I5ZWUyNjQ5N2UxNDZlYzdlNmEzM2NhYTA1Zjc2MWZiMTU0ZjM1NDY3ODliMmM0ZTgifQ%3D%3D; expires=Tue, 04-Sep-2018 09:17:40 GMT; Max-Age=7200; path=/ sys_session=eyJpdiI6Ik9raENxa3ZaaFk2SjNDbkFQRzlia0E9PSIsInZhbHVlIjoiVkNJS2ZDN3Y5V05TZXh4THdBcjZuXC9wSWNLN1JPbXc2YXZGdFJkdVVjXC9Cd1RndHFJNzM2dURCWTV2SW1IaENsUmZwUER1QythSm1KUEhTRDE0M0E4UT09IiwibWFjIjoiYTQ3YWRkMGRmOTE1OWE1NjNhMWFmMmI4Y2MxNDk5N2NmNTFmMTRhODc0YWQ0ZjI1MDZlMTY1MzY0YjQ5MjRlZCJ9; expires=Tue, 04-Sep-2018 09:17:40 GMT; Max-Age=7200; path=/; httponly
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
X-Content-Type-Options
nosniff
Server
cloudflare
CF-RAY
454ead8233d026d2-FRA
Content-Encoding
gzip
incognito-browser.js
link.tl/themes/ax/js/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://link.tl/themes/ax/js/incognito-browser.js?_=1536045460766
Requested by
Host: link.tl
URL: http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
109060f7adb8a608724603a071ce15da0e4957885123056b72375fa80d7b49ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://link.tl/a
X-Requested-With
XMLHttpRequest
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://link.tl/a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
Last-Modified
Wed, 20 Dec 2017 23:13:10 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead825771bed0-FRA
Content-Length
1959
Expires
Tue, 11 Sep 2018 07:17:40 GMT
flashad.js
link.tl/js/ 		196 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://link.tl/js/flashad.js?_=1536045460767
Requested by
Host: link.tl
URL: http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb876c73993d792d0d62a3d3e720fb04c0084e1160f5b1c63535f40925622b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://link.tl/a
X-Requested-With
XMLHttpRequest
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://link.tl/a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
Last-Modified
Tue, 05 Jun 2018 13:21:37 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead826670970c-FRA
Content-Length
35422
Expires
Tue, 11 Sep 2018 07:17:40 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1535045166622/ 		236 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1535045166622/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f39a8afe9fc7bd0dd1f246e1f70697d6a77f49677649b3cc166f4149454dd80e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 28 Aug 2018 15:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Aug 2018 18:15:00 GMT
server
sffe
age
575080
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
78257
x-xss-protection
1; mode=block
expires
Wed, 28 Aug 2019 15:33:00 GMT
/
t.dtscout.com/i/ 		17 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Flink.tl%2Fa&j=
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/tab.js
Protocol
HTTP/1.1
Server
69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
no-rdns.ord02.hostingservicesinc.net
Software
/
Resource Hash
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Cache-Control
no-cache
Connection
close
Content-Type
application/javascript
X-Z
I
Transfer-Encoding
chunked
Expires
Tue, 04 Sep 2018 07:17:40 GMT
0P3pVtbsZok.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 80F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/0P3pVtbsZok.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/0P3pVtbsZok.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://link.tl/a
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/a

Response headers

status
200
expires
Sat, 31 Aug 2019 21:14:00 GMT
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
ROCcufL6ruBfc2BX0FFipAPsvuqmYOuZ0JAuuu9xL4wiPFHNq0X5PpuXgZLqACtrF5PbdAD426bjfCtXCiVrIA==
content-length
13881
date
Tue, 04 Sep 2018 07:17:40 GMT
MediaGet_mac.dmg
download.mediaget.com/mediaget-installer-2/ Frame 3060
Redirect Chain
  • http://link.tl/api/xml/download?ref=Link.TL%20-%20k%C4%B1salt,%20payla%C5%9F%20ve%20kazan!
  • https://sub2.bubblesmedia.ru/sb/clk/s/1686/h/66b071/o/145/sub/0?a=1&cb=1&f=dosya
  • http://torr.mediaget.com/torr.php?r=link.tl&bbl=1&f=dosya&bbls_client_id=888556456&bbl_clk_id=217260-1536045463&use_f=1
  • http://ld.mediaget.com/index4.php?l=&r=link.tl&f=dosya&bbls_client_id=888556456&bbl=1&bbl_clk_id=217260-1536045463&use_f=1
  • http://download.mediaget.com/mediaget-installer-2/MediaGet_mac.dmg
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://download.mediaget.com/mediaget-installer-2/MediaGet_mac.dmg
Requested by
Host: link.tl
URL: http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Server
185.159.81.206 Meppel, Netherlands, ASN14576 (HOSTING-SOLUTIONS - Hosting Solution Ltd., US),
Reverse DNS
customer.clientshostname.com
Software
nginx/1.10.3 /
Resource Hash

Request headers

Host
download.mediaget.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://link.tl/a
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/a

Response headers

Server
nginx/1.10.3
Date
Tue, 04 Sep 2018 07:17:43 GMT
Content-Type
application/octet-stream
Content-Length
87916885
Last-Modified
Mon, 03 Apr 2017 10:34:34 GMT
Connection
keep-alive
ETag
"58e2253a-53d8155"
Accept-Ranges
bytes

Redirect headers

Server
nginx/1.10.2
Date
Tue, 04 Sep 2018 07:17:43 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.31
Location
http://download.mediaget.com/mediaget-installer-2/MediaGet_mac.dmg
1
mc.yandex.ru/watch/22212574/
Redirect Chain
  • https://mc.yandex.ru/watch/22212574?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3...
  • https://mc.yandex.ru/watch/22212574/1?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/22212574/1?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A436990610%3Ahid%3A36954189%3Ads%3A0%2C0%2C214%2C6%2C487%2C487%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A819%3Awn%3A60370%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:41 GMT
Last-Modified
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.12.2
Location
https://mc.yandex.ru/watch/22212574/1?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A436990610%3Ahid%3A36954189%3Ads%3A0%2C0%2C214%2C6%2C487%2C487%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A819%3Awn%3A60370%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://link.tl
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 04 Sep 2018 07:17:41 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:41 GMT
Last-Modified
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.12.2
Location
https://mc.yandex.ru/watch/22212574/1?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A436990610%3Ahid%3A36954189%3Ads%3A0%2C0%2C214%2C6%2C487%2C487%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A819%3Awn%3A60370%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://link.tl
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 04 Sep 2018 07:17:41 GMT
MDFKU0gfUidsOkQMOjwlVUMlJjseWCQ1Jw
boudja.com/ Frame 6602 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://boudja.com/MDFKU0gfUidsOkQMOjwlVUMlJjseWCQ1Jw
Requested by
Host: da3uf5ucdz00u.cloudfront.net
URL: http://da3uf5ucdz00u.cloudfront.net/?ufuad=743713
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.150.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-150-235.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
boudja.com
:scheme
https
:path
/MDFKU0gfUidsOkQMOjwlVUMlJjseWCQ1Jw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://link.tl/a
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/a

Response headers

status
200
content-type
text/html
content-length
4135
date
Tue, 04 Sep 2018 07:17:41 GMT
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
p3p
CP="NID DSP ALL COR"
pragma
no-cache
set-cookie
csu=d2459eb2-50f2-4739-82d9-14bff12dc4c1
x-cache
Miss from cloudfront
via
1.1 ed0c487879f809919537bf00a2f2dc8f.cloudfront.net (CloudFront)
x-amz-cf-id
uJaOYRiNCfObzdA3An5ue_kG0Y6ZfxfimygCZgbcXKPbtoawlbbLkw==
/
whos.amung.us/pingjs/ 		33 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
http://whos.amung.us/pingjs/?k=qedo75j62kvv&t=Link.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!&c=t&y=&a=0&d=1.328&v=22&r=3259
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/tab.js
Protocol
HTTP/1.1
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
ea78b65316953d22bf4608df0c4fbed162e8a80e858ba287ee1d518d8bab48e9

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Tue, 04 Sep 2018 08:17:41 GMT
ntfc.php
pushance.com/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pushance.com/ntfc.php?p=1703107&r=ui&swver=3.0.87
Requested by
Host: pushance.com
URL: http://pushance.com/ntfc.php?p=1703107
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.174 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
9fbf8250dcfd5dd99567c3f412096ab0249a1bbf8e259dae7609f47220e21567
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
private, max-age=86400
Strict-Transport-Security
max-age=1
Timing-Allow-Origin
*
1
mc.yandex.ru/watch/22212574/ 		133 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/22212574/1?wmode=7&page-url=http%3A%2F%2Flink.tl%2Fa&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460033%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A436990610%3Ahid%3A36954189%3Ads%3A0%2C0%2C214%2C6%2C487%2C487%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A819%3Awn%3A60370%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9a028855b81ac695b6824a2933c63de034f12703417c3fe31fb719f967993121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Origin
http://link.tl
Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://link.tl
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Tue, 04 Sep 2018 07:17:41 GMT
like.php
www.facebook.com/v2.5/plugins/ Frame 585B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=1675675166051329&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0P3pVtbsZok.js%3Fversion%3D42%23cb%3Df3021ca6edcb1a4%26domain%3Dlink.tl%26origin%3Dhttp%253A%252F%252Flink.tl%252Ff1adba311d62178%26relation%3Dparent.parent&container_width=131&href=https%3A%2F%2Fwww.facebook.com%2FJetborsacom-225922364653217%2F&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/tr_TR/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.5/plugins/like.php?action=like&app_id=1675675166051329&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F0P3pVtbsZok.js%3Fversion%3D42%23cb%3Df3021ca6edcb1a4%26domain%3Dlink.tl%26origin%3Dhttp%253A%252F%252Flink.tl%252Ff1adba311d62178%26relation%3Dparent.parent&container_width=131&href=https%3A%2F%2Fwww.facebook.com%2FJetborsacom-225922364653217%2F&layout=button_count&locale=tr_TR&sdk=joey&share=true&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://link.tl/a
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/a

Response headers

status
200
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v2.7
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma
no-cache
x-xss-protection
0
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset="utf-8"
x-fb-debug
Q9/WCavCwgEptyIrgfMyN2O0bdJyr+xCUfjpZYOMS8Ghcp+3WMZhrYe3ZV6k0LLv8zp570l6AK4SblkNJkEP4Q==
date
Tue, 04 Sep 2018 07:17:41 GMT
jquery-2.1.4.min.js
link.tl/themes/ax/plugins/jquery/ Frame A9F0 		82 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Requested by
Host: link.tl
URL: http://link.tl/interstitial/links/a?uid=2&ref=
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:1bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://link.tl/a
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; XSRF-TOKEN=eyJpdiI6IlYwZWlUMnpYYm1ZcjRhb0dIdlMxNlE9PSIsInZhbHVlIjoiQ3JoeXNqajhLZVRIbjhsQSt3VFwvSk5lVVhZZVh1SlVnS244bk5oZHNyT0U5cnpXTXRsVGY2NmtENjAyREVCY1Zsc1NMVWtoMDdETkdDVElCeThOZkR3PT0iLCJtYWMiOiI1YzRkZTA5ZTJkNzMwNDY5ZTI5MGVjNjViMzc2OWYwNGFhMjdmZTc2YzkwYjc0ODQwY2ViMDU3NGU5YmQ1NGFiIn0%3D; sys_session=eyJpdiI6InlmWWt3WVFGNUFTVW5FVzdGakJcLzNRPT0iLCJ2YWx1ZSI6InRySjJCdWh1SG1pR2djalplenh4TFJaRW40K1VCVW9LelFDenVDWXRrRzZLcHBXOTljeVc4YXlKbUl1ZVVKcjBzbFwvN2t1TUVcL2NBalZ0bm9LNU40UkE9PSIsIm1hYyI6ImIyYTVjNThmOGFjYzk0ZTBjZjRmM2MwZjE5OTRjZjQxZjY3MTNmNzNhMzc4ZDMwODYyODA3NDUxMzljMTg3M2UifQ%3D%3D; ax_skip=eyJpdiI6InNVNUhZak1XRG1LOG5oaGFpZ1wvNzNBPT0iLCJ2YWx1ZSI6IldYXC81dzdXOTFFVEV2Z0lmalwvQUxYbHN5elhyWDFzTkV5cWhMNlVQNTBKWWRWV1RrYWtsaUFnM0l1RGVtY0hrKyIsIm1hYyI6IjIxNDFkNmI3ZWZmMmZiNmM4YTlmMWE4MzJkOGYwYzcxMTU5ZWZkNTNiZjZlZjY2NzU4ODk4YmM5NDMzOGU5OWEifQ%3D%3D
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 04 Sep 2018 07:17:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
Last-Modified
Tue, 05 Dec 2017 21:05:33 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead81a744bed0-FRA
Content-Length
34418
Expires
Wed, 05 Sep 2018 22:18:32 GMT
watch.js
mc.yandex.ru/metrika/ Frame A9F0 		123 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: link.tl
URL: http://link.tl/interstitial/links/a?uid=2&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
1929b91a5f21e8246e85f402ca74404064da6240eb96f6938b40c33ac8886c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Aug 2018 08:39:58 GMT
Server
nginx/1.12.2
ETag
"5b7e72de-a6f2"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
42738
Expires
Tue, 04 Sep 2018 08:17:41 GMT
tab.js
widgets.amung.us/ Frame A9F0 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.amung.us/tab.js
Requested by
Host: link.tl
URL: http://link.tl/interstitial/links/a?uid=2&ref=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.208.133 -, , ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
8a7bbab79b11fd9be10b470d6644862d7fa3f06100e74bee366c033cfc53bcac

Request headers

Response headers

date
Tue, 04 Sep 2018 07:17:40 GMT
content-encoding
gzip
last-modified
Tue, 17 Jul 2018 21:46:33 GMT
access-control-allow-origin
*
etag
W/"5b4e63b9-6e99"
content-type
application/x-javascript
status
200
cache-control
max-age=86400, private
expires
Wed, 05 Sep 2018 07:17:40 GMT
Cookie set /
rotumal.com/4/1677971/ Frame 790F
Redirect Chain
  • http://link.tl/api/xml/redirect?uid=2&ref=
  • http://rotumal.com/4/1677971/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://rotumal.com/4/1677971/
Requested by
Host: link.tl
URL: http://link.tl/interstitial/links/a?uid=2&ref=
Protocol
HTTP/1.1
Server
188.72.213.220 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
rotumal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://link.tl/interstitial/links/a?uid=2&ref=
Accept-Encoding
gzip, deflate
Cookie
SeenToday=1; OAGEO9457f=13%7CDE%7CHE%7CHOFHEIM+AM+TAUNUS%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10478%7C40063%7C%3F%7C276003; oaidts=1536045461; OAID=f6a499321d7ad981b4ca907b68bf2776; ltm_afu=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/interstitial/links/a?uid=2&ref=

Response headers

Server
nginx
Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
Pragma
no-cache no-cache
Cache-Control
private, max-age=0, no-cache no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 26 Jul 1997 05:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie
OAGEO9457f=13%7CDE%7CHE%7CHOFHEIM+AM+TAUNUS%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10478%7C40063%7C%3F%7C276003; expires=Wed, 05-Sep-2018 07:17:41 GMT; Max-Age=86400; path=/ OAID=f6a499321d7ad981b4ca907b68bf2776; expires=Wed, 04-Sep-2019 07:17:41 GMT; Max-Age=31536000; path=/ OAID=f6a499321d7ad981b4ca907b68bf2776; expires=Wed, 04-Sep-2019 07:17:41 GMT; Max-Age=31536000; path=/ exsdsf=1536045461 pbk3=aeb509a2be5d7892ed1a80a60d7df9706597265021940727180; expires=Tue, 04-Sep-2018 07:27:41 GMT; Max-Age=600
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding

Redirect headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Location
http://rotumal.com/4/1677971/
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
X-RateLimit-Limit
60
X-RateLimit-Remaining
55
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
X-Content-Type-Options
nosniff
Server
cloudflare
CF-RAY
454ead85b47c26d2-FRA
22212574
mc.yandex.ru/watch/ Frame A9F0 		133 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/22212574?wmode=7&page-ref=http%3A%2F%2Flink.tl%2Fa&page-url=http%3A%2F%2Flink.tl%2Finterstitial%2Flinks%2Fa%3Fuid%3D2%26ref%3D&charset=utf-8&browser-info=ti%3A10%3Ans%3A1536045460827%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1080%3Ai%3A20180904071741%3Aet%3A1536045461%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A468054101%3Ahid%3A760334127%3Ads%3A0%2C0%2C292%2C1%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%3Awn%3A21774%3Ahl%3A2%3Agdpr%3A14%3Av%3A1212%3Ast%3A1536045461%3Au%3A1536045461163835288%3At%3ALink.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9a028855b81ac695b6824a2933c63de034f12703417c3fe31fb719f967993121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://link.tl/interstitial/links/a?uid=2&ref=
Origin
http://link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 04 Sep 2018 07:17:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://link.tl
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Tue, 04 Sep 2018 07:17:41 GMT
Cookie set /
rotumal.com/4/839950/ Frame A77B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://rotumal.com/4/839950/
Requested by
Host: link.tl
URL: http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Server
188.72.213.220 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
rotumal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://link.tl/interstitial/links/a?uid=2&ref=
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2561428A670B7DD718881C912B0F32D1
Referer
http://link.tl/interstitial/links/a?uid=2&ref=

Response headers

Server
nginx
Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
Pragma
no-cache no-cache
Cache-Control
private, max-age=0, no-cache no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 26 Jul 1997 05:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie
SeenToday=1; expires=Wed, 05-Sep-2018 07:17:41 GMT; Max-Age=86400; path=/ OAGEO9457f=13%7CDE%7CHE%7CHOFHEIM+AM+TAUNUS%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10478%7C40063%7C%3F%7C276003; expires=Wed, 05-Sep-2018 07:17:41 GMT; Max-Age=86400; path=/ oaidts=1536045461; expires=Wed, 04-Sep-2019 07:17:41 GMT; Max-Age=31536000; path=/ OAID=f6a499321d7ad981b4ca907b68bf2776; expires=Wed, 04-Sep-2019 07:17:41 GMT; Max-Age=31536000; path=/ OAID=f6a499321d7ad981b4ca907b68bf2776; expires=Wed, 04-Sep-2019 07:17:41 GMT; Max-Age=31536000; path=/ exsdsf=1536045461 pbk3=b2cedf14310b17a8b66a0fabe8cdfd2b6597265021978932136; expires=Tue, 04-Sep-2018 07:27:41 GMT; Max-Age=600 ltm_afu=1; expires=Wed, 05-Sep-2018 07:17:41 GMT; Max-Age=86400; path=/
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Encoding
gzip
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
advert.gif
mc.yandex.ru/metrika/ Frame A9F0 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://link.tl/interstitial/links/a?uid=2&ref=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Tue, 04 Sep 2018 08:17:41 GMT
/
t.dtscout.com/i/ Frame A9F0 		17 B
273 B 		Script
General
Check archive.org
Download Go to
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Flink.tl%2Finterstitial%2Flinks%2Fa%3Fuid%3D2%26ref%3D&j=http%3A%2F%2Flink.tl%2Fa
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/tab.js
Protocol
HTTP/1.1
Server
107.182.231.45 New York, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS
6bb6e72d.setaptr.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4

Request headers

Referer
http://link.tl/interstitial/links/a?uid=2&ref=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Tue, 04 Sep 2018 07:17:40 GMT
/
whos.amung.us/pingjs/ Frame A9F0 		33 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
http://whos.amung.us/pingjs/?k=iuc0o6lq0gm1&t=Link.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!&c=t&y=http%3A%2F%2Flink.tl%2Fa&a=0&d=0.586&v=22&r=9441
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/tab.js
Protocol
HTTP/1.1
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
7c83c9edece97780b8593ae2c82d8efc953beb53a6e271f86d663fb18a116def

Request headers

Referer
http://link.tl/interstitial/links/a?uid=2&ref=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
tc.js
cdn.tynt.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/tab.js
Protocol
HTTP/1.1
Server
104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 10 Apr 2018 18:36:40 GMT
Server
cloudflare
ETag
W/"5acd0438-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
454ead86e5a5642d-FRA
Expires
Fri, 07 Sep 2018 07:17:41 GMT
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
p
ic.tynt.com/b/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0&t=Link.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.14.0
Connection
close
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
truncated
/ Frame A9F0 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
tc.js
cdn.tynt.com/ Frame A9F0 		15 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/tab.js
Protocol
HTTP/1.1
Server
104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b

Request headers

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 10 Apr 2018 18:36:40 GMT
Server
cloudflare
ETag
W/"5acd0438-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
454ead86e5a5642d-FRA
Expires
Fri, 07 Sep 2018 07:17:41 GMT
p
ic.tynt.com/b/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0&t=Link.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Server
nginx/1.14.0
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cookie set eyJpdiI6IkZkVU5tYmNqd21zVlFEWmpaZmlzT3c9PSIsInZhbHVlIjoiSTR3MW0zZWUyaEFsTE43MXN2RjRQdlNvb2xvYUJNMnNHSmU0M3p2NW9EK2lsZnZBamhkeWQzMlVlMnE3cE44VHZRa2RJd2JaMlN5dTZONDVcL2lLbGZ2WmtnT1BpUlMyazlGVFV2OUhxa...
link.tl/ax/impression/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://link.tl/ax/impression/eyJpdiI6IkZkVU5tYmNqd21zVlFEWmpaZmlzT3c9PSIsInZhbHVlIjoiSTR3MW0zZWUyaEFsTE43MXN2RjRQdlNvb2xvYUJNMnNHSmU0M3p2NW9EK2lsZnZBamhkeWQzMlVlMnE3cE44VHZRa2RJd2JaMlN5dTZONDVcL2lLbGZ2WmtnT1BpUlMyazlGVFV2OUhxakd3d0RzK1k0VHd4eDlxRGVEYzNVZXp4NkVmTkM1U1d1SXVpbFZlY1E1bWl2WW45Tk9JeEZST1grTngzT01QQVo2eE44WjBcL0g2dHpiQTd2N0RWMnVwR2Y1ZU1cL0UzOU5jWVcyZUxqbVE3MlZ5eUN1T2ZXSWppakNTRldLU2NwdE5ncG5ZbkUrXC9pMHBvekJvWW9ZXC9nWFNNSHpNbGhOWWJqRVdUVDJzWDczaG0xaldkZGF2ellLMDlrTXdlaHdcLzVYSGNNK1hYMlhNejBDUE54XC9FQWY5WEJVWFFoOXJHaEc3M3VTNXNqajZCdFwvTjRxVUhTWjB3TlN2ckVDOEVDM1wvZk1DMUk5YjF6d0NqMTE0Q1ZSXC9cLzNHcStLUEVzY2FxSk5cL3dRZmZjcTlnZE9RbnpIZUduTno5cHV2V052XC9KNzhhaDNyZG9GdmgwdGVOaFc1dnFDajAxdHI1R2t5N0paeFBQNVwvbjQyNFM2SmFhVDA1eUdkMHJDa2ptMGU1c1RIWjBqY21PMmg2cDZTUnRmSmtnWTFINThnV2YxbEdTUjd4cTNOMHl0RlB1dlRlNld6RVJoR0Q4NDVUakNKeEp0NXlORGcwVU9OUkFhZElSUEdBc2FEcytmOXNMWld2Sm1aWGduSGh4U3lqbGEzbmVaSHhKWno5cWJmT0xiYk9TTWV2UmdZblFPb0ZaRGJyZitQN2tUK1NXTTRNMXBBdEpETW1saTJQaHJtSXJLaTF0Zml1bGdBV0c4M3Vka1MxWWtUVWJqYUN2WU1xZ2NKdUlJZys5OGVDWjlmTHdBT2diTHBScWZ0a1NHZkhUYitSdzkwOHBcL1hseWpDNEZjWllCNXdYcFJCczhPY1dNbTU2d2JpcWpORHd4QSs5WXR0K1o0eUY4QlVIbXcyYWlOMXVDQ29Tc1wvS1h3VG5ROFBWcFRzYk5YMlVmcHhrOUVZbzdLeExsQ0FPaitOd0NyM1wveU1sSUsrVjJXTFE3VEc5clI2d0lrQkxSXC9yNisrbnNsSzdvRFloUWJPdkpRdk5cL1dPRDNHXC8zK1Q3WDN4TDN2MFwvUFJ0XC9wNXpiVnJhK3ZFVDBUakRnZjg2Z29wZUJQSzN1WFdiTmordGF4Y3BLb0ZCS3d2R2N3eXNuWCt5dCIsIm1hYyI6IjQzMzQ1ZTkzNjgzMDI2MzkxY2I5NTc5YzBiOTA0MjAyNjIxNzU3NGEzMmFjOGRmMDI2ZWI3M2QxMGJjZmQxMGEifQ==
Requested by
Host: link.tl
URL: http://link.tl/themes/ax/plugins/jquery/jquery-2.1.4.min.js
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:bd , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Pragma
no-cache
Origin
http://link.tl
Accept-Encoding
gzip, deflate
X-CSRF-TOKEN
Vwb2Z1cEJ4vPTguFxoKYv15JGIgBIhwc3lTWBl13
Host
link.tl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4kfCL1apO1pq1xl9
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
__cfduid=d44a107c33cde24c45783241b0ecca6ac1536045460; ax_skip=eyJpdiI6IkF0alM5MzN1eG81cmczNWpvTWhsYmc9PSIsInZhbHVlIjoiQzRPYVRkMDNcLzR5MXA2eE1CWlpYXC9Fd2tWczRzbUs1U0M5aWo3bVZVWlFoc3E1R0ZVbzhFalIrNm8xdVRrSEpKIiwibWFjIjoiMzlmMGFiYjE3ZDcwMjc5MWY2NTM5N2YyMDE4YjIzODZhODBhYzJhMTM1Zjk1MzQwMmNlNzZiN2RkZDI0OTZkMiJ9; _ym_uid=1536045461163835288; _ym_d=1536045461; XSRF-TOKEN=eyJpdiI6IjI4dXNMdE45K0JKb0pJemIrR0xLS3c9PSIsInZhbHVlIjoidzZVOFZCUmd2ZXRWVFFcL0tWemVxK2NZSk0wTWp6WkR1ZUFMOWZ2UGZBZW9sU3k5Z1EwYWtcL2hmTnVGUWQ2aE9PdkRvajdSOHJcL2lJbWthaDJSZmlFVFE9PSIsIm1hYyI6IjUwZjZkMzZmNTRhMmYzY2I5ZWUyNjQ5N2UxNDZlYzdlNmEzM2NhYTA1Zjc2MWZiMTU0ZjM1NDY3ODliMmM0ZTgifQ%3D%3D; sys_session=eyJpdiI6Ik9raENxa3ZaaFk2SjNDbkFQRzlia0E9PSIsInZhbHVlIjoiVkNJS2ZDN3Y5V05TZXh4THdBcjZuXC9wSWNLN1JPbXc2YXZGdFJkdVVjXC9Cd1RndHFJNzM2dURCWTV2SW1IaENsUmZwUER1QythSm1KUEhTRDE0M0E4UT09IiwibWFjIjoiYTQ3YWRkMGRmOTE1OWE1NjNhMWFmMmI4Y2MxNDk5N2NmNTFmMTRhODc0YWQ0ZjI1MDZlMTY1MzY0YjQ5MjRlZCJ9; _ym_visorc_22212574=w; _ym_isad=2
Connection
keep-alive
Referer
http://link.tl/a
Content-Length
884
Accept
*/*
Referer
http://link.tl/a
Origin
http://link.tl
X-CSRF-TOKEN
Vwb2Z1cEJ4vPTguFxoKYv15JGIgBIhwc3lTWBl13
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4kfCL1apO1pq1xl9

Response headers

Date
Tue, 04 Sep 2018 07:17:42 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
Content-Type
application/json
Set-Cookie
XSRF-TOKEN=eyJpdiI6ImVEdWFnVExZRTR3Tzk4emtkSjhhZWc9PSIsInZhbHVlIjoiUkg4ZVNFMFRDN0puVmhsWHVOQkJmd2xRa0JIeEtvNUtCd2pFWFRvVnlwUzJ1QXBiSmFXT3N2RlhpNEhGdE5vRG1WeklVdWVYZ043cEk1bm1QVm10QWc9PSIsIm1hYyI6IjE2MzM4NGFjZGUwMWM3Y2I3OTkzMTE3ZWFkZTIwN2I0OGQ4MzBlMjM0M2U0NDcyMGJlNzg0YWE3YWM5ZmFhMDQifQ%3D%3D; expires=Tue, 04-Sep-2018 09:17:41 GMT; Max-Age=7200; path=/ sys_session=eyJpdiI6IkRNVHJxYjZydGN4RGdmU0h1Rk15M3c9PSIsInZhbHVlIjoiSHhZY1llYWdSZGlcLzhRano2UGdBSkExN25mZkxvVkd5WFwvYmZJMWtmMnd5cjh3XC9NcnV5aWQ4eUZNZmRhMmdIbUhUTDdTNXREVWxwV09KUlJhSlFHSVE9PSIsIm1hYyI6ImMxOGI0NzAyYWJjZWQ3ZDg2Nzc3ZWFkNDBlMTk3ZDYzYjQ4ZTUyMDViZTAzMmY5MzY2ZDBlYjA3NWRkNWJkNGYifQ%3D%3D; expires=Tue, 04-Sep-2018 09:17:41 GMT; Max-Age=7200; path=/; httponly
Cache-Control
no-cache, private
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
454ead8894f926d2-FRA
Content-Length
2
v2
de.tynt.com/deb/ 		4 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
http://de.tynt.com/deb/v2?id=w!qedo75j62kvv&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:41 GMT
Cache-Control
max-age=86400
Content-Type
application/javascript
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
4
Expires
Wed, 05 Sep 2018 07:17:42 GMT
p
ic.tynt.com/b/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0&t=Link.TL%20-%20k%C4%B1salt%2C%20payla%C5%9F%20ve%20kazan!
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:42 GMT
Server
nginx/1.14.0
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:42 GMT
Server
nginx/1.14.0
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:42 GMT
Server
nginx/1.14.0
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:42 GMT
Server
nginx/1.14.0
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
p
ic.tynt.com/b/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ic.tynt.com/b/p?id=w!qedo75j62kvv&lm=0&ts=1536045461593&dn=TC&iso=0
Requested by
Host: link.tl
URL: http://link.tl/a
Protocol
HTTP/1.1
Server
208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip181.208-100-17.static.steadfastdns.net
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://link.tl/a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 04 Sep 2018 07:17:43 GMT
Server
nginx/1.14.0
Connection
close
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery boolean| zfgloadedpopup object| _wau function| downloadiframe string| ref string| ref_title function| retry function| isIE10OrLater function| detectPrivateBrowsing number| incognito_browser number| adblock string| accountID function| ii number| countdown boolean| send function| verifyCallback boolean| captcha_ready function| onloadCallback function| rr number| timer object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client string| wau_w_tab object| WAU_ren function| WAU_tab function| WAU_r_t function| WAU_animate_tab function| WAU_addLoadEvent function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady object| FB object| recaptcha object| _0x1e16 function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| _dts object| Ya object| yaCounter22212574 function| m function| q function| u object| y object| z function| B function| A function| Fingerprint2 number| _28879446 string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt object| _0x5058 function| _0x37f1 boolean| installOnFly object| x string| x1 string| x2 object| Tynt object| _33Across

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: http://cobalten.com/apu.php?zoneid=1673618&var=2(Line 1)
Message:
70000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boudja.com
cdn.tynt.com
cobalten.com
connect.facebook.net
da3uf5ucdz00u.cloudfront.net
de.tynt.com
download.mediaget.com
go.onclasrv.com
ic.tynt.com
ld.mediaget.com
link.tl
mc.yandex.ru
pushance.com
refbanners.com
rotumal.com
staticxx.facebook.com
sub2.bubblesmedia.ru
t.dtscout.com
torr.mediaget.com
whos.amung.us
widgets.amung.us
www.facebook.com
www.google.com
www.gstatic.com
104.16.88.26
107.182.231.45
185.159.81.206
185.225.208.133
188.124.255.98
188.72.202.174
188.72.202.175
188.72.213.176
188.72.213.220
208.100.17.181
208.100.17.184
23.111.31.135
23.111.31.146
2400:cb00:2048:1::681f:1bd
2400:cb00:2048:1::681f:bd
2600:9000:200d:a400:f:5f9:f780:21
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
52.222.150.235
67.202.94.86
67.202.94.93
69.4.231.30
78.140.191.217
109060f7adb8a608724603a071ce15da0e4957885123056b72375fa80d7b49ee
170ab0a54931ef46c9cd309a41dea01b353b5a84d9820aa05f2838b0ba19569c
1929b91a5f21e8246e85f402ca74404064da6240eb96f6938b40c33ac8886c2e
2eb876c73993d792d0d62a3d3e720fb04c0084e1160f5b1c63535f40925622b0
37c5cbe8ad795a530c7ad3e2a3574a4f9038c3fc10fc48ca4c1c74ed9ffdc6a4
47cc2c589d05a9dd21bc95102f48ec4e60e198c6b17da4381e4a05b5b64bdbc7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
683b78434696694bec982d847075ef8d05f69c098ec74fba5892cd49a7f7ef57
72a2b42dc8e3f13c6d60273fe9464600e458c531d4121e7b568994a73efac20e
78a5d5babf27ce2841a8494a8e549b153661df7dfdcfcfc440689ed33524536d
7c83c9edece97780b8593ae2c82d8efc953beb53a6e271f86d663fb18a116def
8a7bbab79b11fd9be10b470d6644862d7fa3f06100e74bee366c033cfc53bcac
980ce08b84248ef3e7bc6d36eb4f4ed32bc6f04dc5ba77c4e5f3f2891d507e7f
9a028855b81ac695b6824a2933c63de034f12703417c3fe31fb719f967993121
9aed609a44c1d6b6e1d0c23874d2f02a292cce43fcac25bbccf6253573cea969
9e175e088d0708199fbc1d5688fa244c071d34a55b2a38f0a1669827f76d9611
9fbf8250dcfd5dd99567c3f412096ab0249a1bbf8e259dae7609f47220e21567
ba1bfb0d679aa88756eb2fbea31f6442581a1ffc77e547593889d573f517415c
c1ff233f64dbe8e19bb25f65e17de761485a4311f57edf934219058832f1af03
c951e135943eb002a5eeeb1dc00dfde4713117871c849521b14dae1750876019
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
e119d54f77ab175a1af13b742102c9062ce8db77ac8c104e4beb1246c7bd035f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea78b65316953d22bf4608df0c4fbed162e8a80e858ba287ee1d518d8bab48e9
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f39a8afe9fc7bd0dd1f246e1f70697d6a77f49677649b3cc166f4149454dd80e
f447b7ab80779e928c6cecf824cb52ceac2795c921886c90ad4977fe4bbdcf3b