URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Submission: On August 26 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 30 HTTP transactions. The main IP is 2a00:1450:4001:82b::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.turkifsaalemi.tk.
TLS certificate: Issued by GTS CA 1D4 on August 21st 2023. Valid for: 3 months.
This is the only time www.turkifsaalemi.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 192.0.72.24 2635 (AUTOMATTIC)
4 12 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
12 2001:67c:4e8:... 62041 (TELEGRAM)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.111.35.152 396982 (GOOGLE-CL...)
1 149.154.167.99 62041 (TELEGRAM)
30 11
Apex Domain | Subdomains | Transfer
9 telegram.org | telegram.org — Cisco Umbrella Rank: 11059 | 94 KB
7 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 11632 | 3 KB
5 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 4306 | 135 KB
3 t.me | t.me — Cisco Umbrella Rank: 17033 | 5 KB
2 telegram-cdn.org | cdn4.telegram-cdn.org — Cisco Umbrella Rank: 40831 | 58 KB
2 amung.us | whos.amung.us — Cisco Umbrella Rank: 16779; widgets.amung.us — Cisco Umbrella Rank: 29237 | 685 B
2 turkifsaalemi.tk | www.turkifsaalemi.tk | 22 KB
1 tg.dev | oauth.tg.dev — Cisco Umbrella Rank: 93399 | 6 KB
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 982 | 76 KB
1 ppcnt.pro | ppcnt.pro — Cisco Umbrella Rank: 686921 | 4 KB
1 wordpress.com | escobarvipx.files.wordpress.com | 5 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 736 | 30 KB
30 12
Domain | Requested by
9 telegram.org | www.turkifsaalemi.tk, t.me, telegram.org
7 mc.yandex.com 2 redirects | www.turkifsaalemi.tk, mc.yandex.ru
5 mc.yandex.ru 2 redirects | www.turkifsaalemi.tk, ppcnt.pro
3 t.me | telegram.org, t.me
2 cdn4.telegram-cdn.org | t.me
2 www.turkifsaalemi.tk | www.turkifsaalemi.tk
1 oauth.tg.dev | t.me
1 maxcdn.bootstrapcdn.com | www.turkifsaalemi.tk
1 widgets.amung.us | www.turkifsaalemi.tk
1 whos.amung.us 1 redirects |
1 ppcnt.pro | www.turkifsaalemi.tk
1 escobarvipx.files.wordpress.com | www.turkifsaalemi.tk
1 code.jquery.com | www.turkifsaalemi.tk
30 13

This site contains links to these domains.

Domain
t.me
Subject | Issuer | Validity | Valid
www.turkifsaalemi.tk | GTS CA 1D4 | 2023-08-21 - 2023-11-19 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.files.wordpress.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-23 - 2023-12-24 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-08-14 - 2024-01-24 | 5 months
ppcnt.pro | GTS CA 1P5 | 2023-08-10 - 2023-11-08 | 3 months
*.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2023-08-11 - 2024-09-11 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.t.me | Go Daddy Secure Certificate Authority - G2 | 2022-10-08 - 2023-11-09 | a year
cdn4.telegram-cdn.org | GTS CA 1D4 | 2023-08-09 - 2023-11-07 | 3 months
*.tg.dev | Go Daddy Secure Certificate Authority - G2 | 2023-04-06 - 2024-05-07 | a year

This page contains 2 frames:

Primary Page: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Frame ID: BDC5DA96DAEB1A257200644CEA9823FC
Requests: 16 HTTP requests in this frame

Frame: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Frame ID: F84242C138676D2C6394556456773A24
Requests: 16 HTTP requests in this frame

Page Title

Go | Escobarvip — Türk ifşa alemi

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 30
HTTPS: 87 %
IPv6: 70 %
Domains: 12
Subdomains: 13
IPs: 11
Countries: 5
Transfer: 436 kB
Size: 983 kB
Cookies: 21

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://mc.yandex.ru/watch/52479679 HTTP 302
  • https://mc.yandex.ru/watch/52479679/1?redirnss=1
Request Chain 8
  • https://whos.amung.us/swidget/p57arv66v7.png HTTP 307
  • https://widgets.amung.us/small/01/157.png
Request Chain 24
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10107.FReEWgPdiUi4h5BnbMZ7Qyed-WDTpcwpYnYrQa9rB5MoU6pQBl0eBwnTbXToYgAR.PItONacVOWndPMq-QRl_sRjYPKE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10107.xRS4YFM7xXIiNKqzRuzXMGyO92mwC8-JAXjHuuQMONjvd1ThklhxryY2flHKubWuQJneQiayDh57VgLXtoRUa0VcNd-CDYOjpfGP9xhGaJrgwvXzLtWLdD-M7jLrQHeoyyIh03sP_pwtSj4GNwgpcGbTOffuu2kKNuoOG7HZWy_RPqVa-6Tu7Zn2qJW_5mVzPei21f1bHRVQkxbLUZpbcc_mZXq7hqWegkz0MLnZ6DU%2C.Z3IOg8ZgiAcHh6Xt2r5FiHGsOY0%2C
Request Chain 28
  • https://mc.yandex.com/watch/93415391?wmode=7&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A295%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1617678386479%3Ahid%3A787271431%3Az%3A120%3Ai%3A20230826171350%3Aet%3A1693062830%3Ac%3A1%3Arn%3A294203114%3Arqn%3A1%3Au%3A1693062830828643831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A44%2C52%2C155%2C24%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1693062829426%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693062830%3At%3AGo%20%7C%20Escobarvip%20%E2%80%94%20T%C3%BCrk%20if%C5%9Fa%20alemi&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/93415391/1?wmode=7&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A295%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1617678386479%3Ahid%3A787271431%3Az%3A120%3Ai%3A20230826171350%3Aet%3A1693062830%3Ac%3A1%3Arn%3A294203114%3Arqn%3A1%3Au%3A1693062830828643831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A44%2C52%2C155%2C24%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1693062829426%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693062830%3At%3AGo%20%7C%20Escobarvip%20%E2%80%94%20T%C3%BCrk%20if%C5%9Fa%20alemi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request goo.html
www.turkifsaalemi.tk/p/
80 KB
20 KB
Document
General
Full URL
https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
420252b92381b179a99dbe3fd19cedf8a08008b4d6922106f3334276193a79b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
19942
content-type
text/html; charset=UTF-8
date
Sat, 26 Aug 2023 15:13:49 GMT
etag
W/"764b6f6c3f356ccb54a689507765097d30021ab8b597d1237af21d92fa3192c7"
expires
Sat, 26 Aug 2023 15:13:49 GMT
last-modified
Tue, 22 Aug 2023 15:29:36 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1693062829.dop265.fr8.t,1693062829.cds137.fr8.hn,1693062829.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
escobarvip-turk-ifsa-alemi-telegram-goescobarvip.webp
escobarvipx.files.wordpress.com/2022/02/
5 KB
5 KB
Image
General
Full URL
https://escobarvipx.files.wordpress.com/2022/02/escobarvip-turk-ifsa-alemi-telegram-goescobarvip.webp?w=150
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7344b11e304439b6a7bdbb5702b29e31a7e52eee91862f7e5d03f39118d3e2b6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-nc
HIT hhn 24 np
date
Sat, 26 Aug 2023 15:13:49 GMT
x-content-type-options
nosniff, nosniff
last-modified
Wed, 09 Feb 2022 17:28:32 GMT
server
nginx
x-orig-src
0_imageresize
vary
Accept, Origin
content-type
image/webp
access-control-allow-origin
https://escobarvipx.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
4648
expires
Sat, 09 Sep 2023 06:35:35 GMT
tag.js
mc.yandex.ru/metrika/
216 KB
74 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
fd4c6ff2e56afccc04586f39418bb8f2d6003dee723968161440bc425a183758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Aug 2023 14:02:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64e495c5-127ae"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75694
expires
Sat, 26 Aug 2023 16:13:49 GMT
pp.js
ppcnt.pro/
12 KB
4 KB
Script
General
Full URL
https://ppcnt.pro/pp.js
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7625420a08bd4464b0a297382d6616c4daa41a8194c1be3985be3df2c5da9907

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 Oct 2022 14:53:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6653
etag
W/"6342e04c-30a1"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abtkjsQwcnG7uVkZCWQ2bZJ7iTnF8rWg%2BNnmdO0%2BrpR0UXNmAEgrcEFX3lOlvM5sjaomcg2dAxjp2ZjeGGQE797Cmty%2Fsdb09NEjehWvC%2F%2Bx%2BuZGabLySe3AC7MF7i21kC3DiCAGupk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
7fcd055e1be62bb5-FRA
alt-svc
h3=":443"; ma=86400
telegram-widget.js
telegram.org/js/
20 KB
6 KB
Script
General
Full URL
https://telegram.org/js/telegram-widget.js?15
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
etag
W/"642abc84-4ff5"
content-type
application/javascript
cache-control
max-age=345600
expires
Wed, 30 Aug 2023 15:13:49 GMT
cookienotice.js
www.turkifsaalemi.tk/js/
6 KB
2 KB
Script
General
Full URL
https://www.turkifsaalemi.tk/js/cookienotice.js
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 26 Aug 2023 12:53:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 02 Sep 2023 15:13:49 GMT
watch.js
mc.yandex.ru/metrika/
168 KB
59 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: ppcnt.pro
URL: https://ppcnt.pro/pp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0c8b1f98b3af7160b780dfac0e91ab579d16130a518fb98d402efa1733894d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Aug 2023 14:02:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64e495c5-eb67"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
60263
expires
Sat, 26 Aug 2023 16:13:49 GMT
1
mc.yandex.ru/watch/52479679/
Redirect Chain
  • https://mc.yandex.ru/watch/52479679
  • https://mc.yandex.ru/watch/52479679/1?redirnss=1
43 B
120 B
Image
General
Full URL
https://mc.yandex.ru/watch/52479679/1?redirnss=1
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 26-Aug-2023 15:13:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 26-Aug-2023 15:13:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:49 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 26-Aug-2023 15:13:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/52479679/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Sat, 26-Aug-2023 15:13:49 GMT
157.png
widgets.amung.us/small/01/
Redirect Chain
  • https://whos.amung.us/swidget/p57arv66v7.png
  • https://widgets.amung.us/small/01/157.png
321 B
514 B
Image
General
Full URL
https://widgets.amung.us/small/01/157.png
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242189f7b8e173cc5aca3510d4978203ccc0ec9fd32b8aadfcfd89409659b5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:48:29 GMT
server
cloudflare
age
1767020
etag
"4c14a96d-141"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7fcd055fb9073a61-FRA
content-length
321
expires
Mon, 07 Aug 2023 04:23:30 GMT

Redirect headers

location
https://widgets.amung.us/small/01/157.png
date
Sat, 26 Aug 2023 15:13:49 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7fcd055ebf953a61-FRA
content-type
text/html; charset=UTF-8
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.turkifsaalemi.tk/
Origin
https://www.turkifsaalemi.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
3636835
cdn-cachedat
06/15/2023 15:40:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5e4a8e3fd21691f2bd890fa3383f4ce1
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7fcd055e9b4737f0-FRA
cdn-requestpullsuccess
True
26
t.me/goescobarvip/ Frame F842
13 KB
5 KB
Document
General
Full URL
https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Requested by
Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9653efe43853182cc28727b17effeb93f5b7763e441bdc9297ab8e662c48900b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://www.turkifsaalemi.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-length
4859
content-type
text/html; charset=utf-8
date
Sat, 26 Aug 2023 15:13:49 GMT
pragma
no-cache
server
nginx/1.18.0
strict-transport-security
max-age=35768000
font-roboto.css
telegram.org/css/ Frame F842
6 KB
893 B
Stylesheet
General
Full URL
https://telegram.org/css/font-roboto.css?1
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
W/"63512b7d-1816"
content-type
text/css
cache-control
max-age=345600
expires
Wed, 30 Aug 2023 15:13:49 GMT
widget-frame.css
telegram.org/css/ Frame F842
81 KB
21 KB
Stylesheet
General
Full URL
https://telegram.org/css/widget-frame.css?66
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Sat, 01 Apr 2023 17:42:21 GMT
server
nginx/1.18.0
etag
W/"64286cfd-1456a"
content-type
text/css
cache-control
max-age=345600
expires
Wed, 30 Aug 2023 15:13:49 GMT
gmqObe7_3ssZFBt4OB4nxEKJlBy5TeFP23fw81w05fQHR8O9sqt1jsiI60wMVE1jA5O8OiOUIxcpuX1IakFGLBBwt_lObBo4BmCd-Q_EhWCNslwoFEIuj8wg-BrRM1rmwofRZN5b0xU2ATehx0Atz0hADYrVNWn5ge4aa9bmprLPQRLxKK9AM3ivbJ0mj8aKfh33R...
cdn4.telegram-cdn.org/file/ Frame F842
5 KB
5 KB
Image
General
Full URL
https://cdn4.telegram-cdn.org/file/gmqObe7_3ssZFBt4OB4nxEKJlBy5TeFP23fw81w05fQHR8O9sqt1jsiI60wMVE1jA5O8OiOUIxcpuX1IakFGLBBwt_lObBo4BmCd-Q_EhWCNslwoFEIuj8wg-BrRM1rmwofRZN5b0xU2ATehx0Atz0hADYrVNWn5ge4aa9bmprLPQRLxKK9AM3ivbJ0mj8aKfh33R-B06RiXz8IUt0_f8-ZGXl_woqE_LV2tbgVka4bvmFwDd1a5sCL7iFl8yC7zzyfWCgZJmJnDXk4UPtrI2AxUm7Qde1XXK5Qyjgt5qOT0kF00pQur7GK5K7M_avbf9vAi_wNVxkTqfF2nHtFsdw.jpg
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
82dc14fb4406d1e727b92d656d51b291e3d24e10bd07c9696cd1ec141cfe49dd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 14:33:12 GMT
via
1.1 google
age
2438
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5505
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"eafa7f49cd215562d2c0bd38e027b68f9721cc7d"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
telegram-widget.js
oauth.tg.dev/js/ Frame F842
20 KB
6 KB
Script
General
Full URL
https://oauth.tg.dev/js/telegram-widget.js?22
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.154.167.99 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 11:46:12 GMT
server
nginx/1.18.0
etag
W/"642abc84-4ff5"
content-type
application/javascript
cache-control
max-age=345600
expires
Wed, 30 Aug 2023 15:13:50 GMT
widget-frame.js
telegram.org/js/ Frame F842
92 KB
25 KB
Script
General
Full URL
https://telegram.org/js/widget-frame.js?62
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 20 Apr 2023 18:46:51 GMT
server
nginx/1.18.0
etag
W/"6441889b-16f16"
content-type
application/javascript
cache-control
max-age=345600
expires
Wed, 30 Aug 2023 15:13:49 GMT
truncated
/ Frame F842
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1ef3d3ae5f563bd9b05d778c8cb5261ff05eb0dc32de1d27f78fdc111ed2107

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
tlEOKWc9ndcAMkK4gnwRz6AEHzNPZM585DvJ08uxNjup4w3WGNUroHCR-NqdIL4fqqlRUmWoDJ45r1WSkhtKkaoVY7yjgbcNsE17TCTbMCZZSABNbafc1r4w9XsQhjnisz50S-fiJrDmddJ7kifRVWpJQbDwmvg6TcXNFPkQMDIrnpeUHECwT1u7w1lrRIf9qUhf8...
cdn4.telegram-cdn.org/file/ Frame F842
53 KB
53 KB
Image
General
Full URL
https://cdn4.telegram-cdn.org/file/tlEOKWc9ndcAMkK4gnwRz6AEHzNPZM585DvJ08uxNjup4w3WGNUroHCR-NqdIL4fqqlRUmWoDJ45r1WSkhtKkaoVY7yjgbcNsE17TCTbMCZZSABNbafc1r4w9XsQhjnisz50S-fiJrDmddJ7kifRVWpJQbDwmvg6TcXNFPkQMDIrnpeUHECwT1u7w1lrRIf9qUhf8h3WpuvleQ_MrxsJC1yj_dyM0zWpS4cbOpwCl6uY99g4kXtOEsr5nsjyJLbOlumRWcl2Fch8SOs4BIYdoRhAyUnesaoGItw8vMnC9Iq1EFQGt1yUVTcwGlidJg7GlUOYFqz1C10RMez9PCqFEw.jpg
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.35.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.35.111.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
3f443355f3ec74f666c67ba8efdc3e92d9b9bf9653fe8728b3d5865b25486d83
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src 'none'; sandbox
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 13:17:58 GMT
via
1.1 google
age
6952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53846
x-xss-protection
1; mode=block
server
nginx/1.18.0
etag
"6bc7f875eef7a350da880e4280d098040e7c8591"
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges, Content-Range, Content-Length
cache-control
public,max-age=7200
accept-ranges
bytes, bytes
F09F949E.png
telegram.org/img/emoji/40/ Frame F842
3 KB
4 KB
Image
General
Full URL
https://telegram.org/img/emoji/40/F09F949E.png
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d5e244c9c756e27bee97f94c617fdba2e87324fcdefe4d54e329b1ec1d4b3ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:49 GMT
last-modified
Fri, 01 Nov 2019 00:04:50 GMT
server
nginx/1.18.0
etag
"5dbb76a2-d47"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
3399
expires
Wed, 30 Aug 2023 15:13:49 GMT
truncated
/ Frame F842
683 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
telegram.org/fonts/Roboto/ Frame F842
11 KB
11 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b40"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11072
expires
Wed, 30 Aug 2023 15:13:50 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame F842
11 KB
11 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-2b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
11028
expires
Wed, 30 Aug 2023 15:13:50 GMT
KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
telegram.org/fonts/Roboto/ Frame F842
7 KB
8 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9cfe0546be6c8e0e13beeae9b8814f1e7bf0ff31fe4d286bf9ea12239a0abbd9

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-1dfc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
7676
expires
Wed, 30 Aug 2023 15:13:50 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
telegram.org/fonts/Roboto/ Frame F842
8 KB
8 KB
Font
General
Full URL
https://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: telegram.org
URL: https://telegram.org/css/font-roboto.css?1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
582ca1c5738fa2697949cc4a495418e42df462e2bc3fc62bdae126bf159b6af5

Request headers

Referer
https://telegram.org/css/font-roboto.css?1
Origin
https://t.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
last-modified
Thu, 20 Oct 2022 11:05:33 GMT
server
nginx/1.18.0
etag
"63512b7d-1e38"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
accept-ranges
bytes
content-length
7736
expires
Wed, 30 Aug 2023 15:13:50 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10107.FReEWgPdiUi4h5BnbMZ7Qyed-WDTpcwpYnYrQa9rB5MoU6pQBl0eBwnTbXToYgAR.PItONacVOWndPMq-QRl_sRjYPKE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10107.xRS4YFM7xXIiNKqzRuzXMGyO92mwC8-JAXjHuuQMONjvd1ThklhxryY2flHKubWuQJneQiayDh57VgLXtoRUa0VcNd-CDYOjpfGP9xhGaJrgwvXzLtWLdD-M7jLrQHeoyyIh03sP_p...
43 B
482 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10107.xRS4YFM7xXIiNKqzRuzXMGyO92mwC8-JAXjHuuQMONjvd1ThklhxryY2flHKubWuQJneQiayDh57VgLXtoRUa0VcNd-CDYOjpfGP9xhGaJrgwvXzLtWLdD-M7jLrQHeoyyIh03sP_pwtSj4GNwgpcGbTOffuu2kKNuoOG7HZWy_RPqVa-6Tu7Zn2qJW_5mVzPei21f1bHRVQkxbLUZpbcc_mZXq7hqWegkz0MLnZ6DU%2C.Z3IOg8ZgiAcHh6Xt2r5FiHGsOY0%2C
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10107.xRS4YFM7xXIiNKqzRuzXMGyO92mwC8-JAXjHuuQMONjvd1ThklhxryY2flHKubWuQJneQiayDh57VgLXtoRUa0VcNd-CDYOjpfGP9xhGaJrgwvXzLtWLdD-M7jLrQHeoyyIh03sP_pwtSj4GNwgpcGbTOffuu2kKNuoOG7HZWy_RPqVa-6Tu7Zn2qJW_5mVzPei21f1bHRVQkxbLUZpbcc_mZXq7hqWegkz0MLnZ6DU%2C.Z3IOg8ZgiAcHh6Xt2r5FiHGsOY0%2C
date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
162 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.turkifsaalemi.tk
URL: https://www.turkifsaalemi.tk/p/goo.html?url=https://cloud.mail.ru/public/sskf/p85oFKtb5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Aug 2023 14:02:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64e495c5-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 26 Aug 2023 16:13:50 GMT
26
t.me/goescobarvip/ Frame F842
4 B
187 B
XHR
General
Full URL
https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Requested by
Host: t.me
URL: https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:50 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
application/json; charset=utf-8
cache-control
no-store
content-length
24
/
t.me/v/ Frame F842
4 B
187 B
XHR
General
Full URL
https://t.me/v/?views=eyJjIjotMTE5MjQ5MjE3NCwicCI6MjYsInQiOjE2OTMwNjI4MjksImgiOiJjNzcxZmIxZjE5ZGRlMmMwZTMifQ
Requested by
Host: telegram.org
URL: https://telegram.org/js/widget-frame.js?62
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Referer
https://t.me/goescobarvip/26?embed=1&userpic=false&color=E22F38&dark_color=F95C54
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:50 GMT
content-encoding
gzip
strict-transport-security
max-age=35768000
server
nginx/1.18.0
content-type
application/json; charset=utf-8
cache-control
no-store
content-length
24
1
mc.yandex.com/watch/93415391/
Redirect Chain
  • https://mc.yandex.com/watch/93415391?wmode=7&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&charset=utf-8&uah=chm%0A%3F0&...
  • https://mc.yandex.com/watch/93415391/1?wmode=7&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&charset=utf-8&uah=chm%0A%3F...
420 B
538 B
Fetch
General
Full URL
https://mc.yandex.com/watch/93415391/1?wmode=7&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A295%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1617678386479%3Ahid%3A787271431%3Az%3A120%3Ai%3A20230826171350%3Aet%3A1693062830%3Ac%3A1%3Arn%3A294203114%3Arqn%3A1%3Au%3A1693062830828643831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A44%2C52%2C155%2C24%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1693062829426%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693062830%3At%3AGo%20%7C%20Escobarvip%20%E2%80%94%20T%C3%BCrk%20if%C5%9Fa%20alemi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7c57e6a8253f6d88255ba5ebc347cf034d7d4b5f026e621fc721cdfad1fe87b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.turkifsaalemi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 26-Aug-2023 15:13:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.turkifsaalemi.tk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Sat, 26-Aug-2023 15:13:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:50 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 26-Aug-2023 15:13:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/93415391/1?wmode=7&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A295%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1617678386479%3Ahid%3A787271431%3Az%3A120%3Ai%3A20230826171350%3Aet%3A1693062830%3Ac%3A1%3Arn%3A294203114%3Arqn%3A1%3Au%3A1693062830828643831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A44%2C52%2C155%2C24%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1693062829426%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693062830%3At%3AGo%20%7C%20Escobarvip%20%E2%80%94%20T%C3%BCrk%20if%C5%9Fa%20alemi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://www.turkifsaalemi.tk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 26-Aug-2023 15:13:50 GMT
93415391
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/93415391?wv-part=1&wmode=0&wv-hit=787271431&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&rn=143514352&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1693062833%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230826171352%3Au%3A1693062830828643831%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Ast%3A1693062833&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turkifsaalemi.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:53 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 26-Aug-2023 15:13:53 GMT
content-type
image/gif
access-control-allow-origin
https://www.turkifsaalemi.tk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 26-Aug-2023 15:13:53 GMT
93415391
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/93415391?wv-part=1&wmode=0&wv-hit=787271431&page-url=https%3A%2F%2Fwww.turkifsaalemi.tk%2Fp%2Fgoo.html%3Furl%3Dhttps%3A%2F%2Fcloud.mail.ru%2Fpublic%2Fsskf%2Fp85oFKtb5&rn=73468591&wv-type=3&browser-info=we%3A1%3Aet%3A1693062833%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230826171353%3Au%3A1693062830828643831%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Ast%3A1693062833&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.turkifsaalemi.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 15:13:53 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 26-Aug-2023 15:13:53 GMT
content-type
image/gif
access-control-allow-origin
https://www.turkifsaalemi.tk
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 26-Aug-2023 15:13:53 GMT


45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| cookieChoices string| uri undefined| clean_uri string| protocol undefined| url object| adsbygoogle function| ym string| web_id string| interval function| $ function| jQuery function| _0x9cd4db object| _0x3096 object| popcent_defaults object| popcent_config function| get_time function| get_domain function| get_url function| tokenize_domain object| JS function| do_open function| set_cookie function| get_cookie function| init_pu function| check_target function| _0x5cc3 object| _0xe23f object| _0x49f0 function| _0x282c function| _0x2962 object| img function| Updatetime function| Updatetimer string| selectedTheme object| darkMode object| lightMode function| toggleTheme object| cookieOptions function| __parseFunction object| Telegram object| Ya object| yaCounter93415391 object| yaCounter52479679

21 Cookies

Domain/Path Name / Value
t.me/ Name: stel_ssid
Value: 32537d78cd4ecfb1b2_4513068442732257339
t.me/ Name: stel_on
Value: 1
t.me/ Name: stel_dt
Value: -120
.turkifsaalemi.tk/ Name: _ym_uid
Value: 1693062830828643831
.turkifsaalemi.tk/ Name: _ym_d
Value: 1693062830
mc.yandex.ru/ Name: yabs-sid
Value: 2121812721693062829
.yandex.ru/ Name: i
Value: P8wLsdzP5YnOHemvahYqA+ZnyPwXOe+tzyDeYVM5yuWIPDZCXUbd/TUEM7jiq+q5WH94AkHk8mDFqBr/i/7TUNjC6UI=
.yandex.ru/ Name: yandexuid
Value: 8289288971693062829
.yandex.ru/ Name: yuidss
Value: 8289288971693062829
.yandex.ru/ Name: ymex
Value: 1724598829.yrts.1693062829#1724598829.yrtsi.1693062829
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 225645216fake
.turkifsaalemi.tk/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2884701499fake
.yandex.com/ Name: yandexuid
Value: 8289288971693062829
.yandex.com/ Name: yuidss
Value: 8289288971693062829
.yandex.com/ Name: i
Value: P8wLsdzP5YnOHemvahYqA+ZnyPwXOe+tzyDeYVM5yuWIPDZCXUbd/TUEM7jiq+q5WH94AkHk8mDFqBr/i/7TUNjC6UI=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 891886621693062830
.yandex.com/ Name: ymex
Value: 1724598830.yrts.1693062830
.yandex.com/ Name: bh
Value: KgI/MA==
.turkifsaalemi.tk/ Name: _ym_visorc
Value: w

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
