urlscan.io logo urlscan.io
SecurityTrails logo

www.medyaninveridyeni.cf.xcloakers.tk Open in urlscan Pro
185.171.88.238  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Submission: On March 28 via automatic, source rescanner — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 185.171.88.238, located in Turkey and belongs to NetuWeb Internet Hizmetleri, TR. The main domain is www.medyaninveridyeni.cf.xcloakers.tk.
TLS certificate: Issued by R3 on March 28th 2022. Valid for: 3 months.
This is the only time www.medyaninveridyeni.cf.xcloakers.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 185.171.88.238 211114 (NetuWeb I...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
1 46.45.154.70 42926 (RADORE)
1 185.102.219.172 60068 (CDN77 ^_^)
3 89.187.169.43 60068 (CDN77 ^_^)
18 6
9    185.171.88.238 (Turkey)

ASN211114 (NetuWeb Internet Hizmetleri, TR)
PTR: host.eniyisunucum.com
www.medyaninveridyeni.cf.xcloakers.tk
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700:7::a29f:9904 (United States)

ASN13335 (CLOUDFLARENET, US)
miro.medium.com
1    46.45.154.70 (Turkey)

ASN42926 (RADORE, TR)
PTR: server-46.45.154.70.as42926.net
www.donanimhaber.com
1    185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com
img-s2.onedio.com
3    89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-43.cdn77.com
img-s1.onedio.com
Apex Domain
Subdomains		 Transfer
9 xcloakers.tk
www.medyaninveridyeni.cf.xcloakers.tk
7 MB
4 onedio.com
img-s2.onedio.com — Cisco Umbrella Rank: 180104
img-s1.onedio.com — Cisco Umbrella Rank: 170715
207 KB
2 medium.com
miro.medium.com — Cisco Umbrella Rank: 17086
268 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1059
83 KB
1 donanimhaber.com
www.donanimhaber.com — Cisco Umbrella Rank: 213891
57 KB
18 5
Domain Requested by
9 www.medyaninveridyeni.cf.xcloakers.tk www.medyaninveridyeni.cf.xcloakers.tk
3 img-s1.onedio.com www.medyaninveridyeni.cf.xcloakers.tk
2 miro.medium.com www.medyaninveridyeni.cf.xcloakers.tk
2 maxcdn.bootstrapcdn.com www.medyaninveridyeni.cf.xcloakers.tk
maxcdn.bootstrapcdn.com
1 img-s2.onedio.com www.medyaninveridyeni.cf.xcloakers.tk
1 www.donanimhaber.com www.medyaninveridyeni.cf.xcloakers.tk
18 6

This site contains links to these domains. Also see Links.

Domain
onedio.com
Subject Issuer Validity Valid
medyaninveridyeni.cf.xcloakers.tk
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
medium.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2022-05-27		 3 months crt.sh
*.donanimhaber.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-28 -
2023-03-28		 a year crt.sh
*.onedio.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-12 -
2022-09-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.medyaninveridyeni.cf.xcloakers.tk/
Frame ID: 0C7A6191BDBC5B4A5BF2A34F7EBC076A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sosyal Medya Adına Her Şey Bizde - MedyaninVeridyeni

Detected technologies

Overall confidence: 100%
Detected patterns
  • medium\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

7586 kB
Transfer

7891 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.medyaninveridyeni.cf.xcloakers.tk/ 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
72486fd1791ec48ba7bacee1bdb0f0e64e6575d6fe1030bedd0fc5c532f23c68

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Mon, 28 Mar 2022 10:53:30 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
style.css
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/ 		680 B
352 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/style.css
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
8bec405cbf028cbef4195cd099449d76ebb10f52d07e5fdf6746be8335a0a993

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
content-encoding
br
last-modified
Sat, 14 Oct 2017 20:27:10 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
244
expires
Mon, 04 Apr 2022 10:53:30 GMT
bootstrap.css
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/css/ 		153 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/css/bootstrap.css
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
d16d3cd05c16d62ea653d0c9f30121d83cf6a1851a62cdd7bb92f4a2a9f406b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
content-encoding
br
last-modified
Sat, 14 Oct 2017 20:04:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18439
expires
Mon, 04 Apr 2022 10:53:30 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
5367507
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
cdn-requestcountrycode
US
cf-ray
6f2fd2906b959042-FRA
cdn-cache
HIT
cdn-requestpullsuccess
True
logo.png
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/img/logo.png
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
033133d16ea80d2533af13a8cc92e75c5a81771837d2f4062ff7867d50d2577c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
last-modified
Fri, 13 Oct 2017 08:43:40 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10431
expires
Mon, 04 Apr 2022 10:53:30 GMT
140gif.gif
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/img/ 		7 MB
7 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/img/140gif.gif
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
84e7828965b5f6705bd193d34ef344e295b35b7d508b394c28afe6331aaac89e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
last-modified
Fri, 13 Oct 2017 10:53:54 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7044261
expires
Mon, 04 Apr 2022 10:53:30 GMT
avatar.png
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/img/avatar.png
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
9ab25373cb8a022e5aa76bc94ac9e0e2ed1c2f4d3a0cb01594bafb412c1f4460

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
last-modified
Fri, 13 Oct 2017 11:36:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1086
expires
Mon, 04 Apr 2022 10:53:30 GMT
1*s8YNHR1yayStB155DzjU6A.jpeg
miro.medium.com/max/1400/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://miro.medium.com/max/1400/1*s8YNHR1yayStB155DzjU6A.jpeg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05847016932a5cb83fb53f966d320bfb3c85939b36fc5695ea5499e666c8479f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
237081
x-envoy-upstream-service-time
50
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
127732
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220322-153408-5d6507f242
accept-ranges
bytes
cf-ray
6f2fd2907e6b9122-FRA
expires
Wed, 27 Apr 2022 10:53:31 GMT
netflix-sifre-paylasimi-ucretli-olacak146333_0.jpg
www.donanimhaber.com/images/images/haber/146333/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.donanimhaber.com/images/images/haber/146333/netflix-sifre-paylasimi-ucretli-olacak146333_0.jpg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.45.154.70 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server-46.45.154.70.as42926.net
Software
nginx /
Resource Hash
536cb8eb374de2f2aea031ef68c49ac6c76d6fe879043124b03dfb65442f58e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
public
date
Mon, 28 Mar 2022 10:53:31 GMT
last-modified
Thu, 17 Mar 2022 06:30:03 GMT
server
nginx
etag
"6232d56b-e15b"
x-cache-status
HIT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
cache-control
max-age=2592000, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
57691
expires
Wed, 27 Apr 2022 10:52:12 GMT
s-0b506967928521af85e368461039db34426abc8a.jpg
img-s2.onedio.com/id-6234d17238df88cd1021a564/rev-0/w-635/f-jpg/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s2.onedio.com/id-6234d17238df88cd1021a564/rev-0/w-635/f-jpg/s-0b506967928521af85e368461039db34426abc8a.jpg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN / Express
Resource Hash
e3097e9be1bf7f2381f6c5a2d71511f7a944830eaad10220fa959f4cef3d4f16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
via
HTTP/2.0 Merlin CDN
age
0
x-powered-by
Express
x-cache
Hit from cloudfront
x-onedio-cache
FRONT
x-midtier
de-fra-dp-s02
content-length
150302
server
MerlinCDN
etag
W/"2df95-HiFTZ+OKJL/WmS9UHQwi0w"
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
de-fra-dp-s03
cache-control
public, max-age=31536000
x-ecache
MISS
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
vPVfrFGjB6fNFb_WBy0EeFG9xdSTcrqYDTZJPGkcveVnH5073hrgPg==
x-mcache
MISS
1*JBiZIo_O03l6A0f_80yIkA.jpeg
miro.medium.com/max/1400/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://miro.medium.com/max/1400/1*JBiZIo_O03l6A0f_80yIkA.jpeg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d0093a3e5bb5ba00d62fb5c1b71c8b792e9cc85f71c6d32f960e71fd0a4e2b6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-envoy-upstream-service-time
69
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
145716
pragma
public
sepia-upstream
medium
cf-bgj
h2pri
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/main-20220318-173603-4801247b54
accept-ranges
bytes
cf-ray
6f2fd2907e759122-FRA
expires
Wed, 27 Apr 2022 10:53:31 GMT
s-c2de8f7f746264539eb1629d5776b6057c175e45.jpg
img-s1.onedio.com/id-622f584e6ad7023c12cdb239/rev-0/w-300/h-150/f-jpg/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s1.onedio.com/id-622f584e6ad7023c12cdb239/rev-0/w-300/h-150/f-jpg/s-c2de8f7f746264539eb1629d5776b6057c175e45.jpg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / Express
Resource Hash
421937d3acf7f590a8994c67c5b9d39c9eae8438e39a82069eabfd02a976031d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
via
HTTP/2.0 Merlin CDN
age
64643
x-powered-by
Express
x-cache
Hit from cloudfront
x-midtier
de-fra-dp-s02
content-length
9342
server
MerlinCDN
etag
W/"36f5-cGvV3rAYGphHApyayICd2Q"
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
public, max-age=31536000
x-ecache
HIT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
5Ogfj0QIQEH5lr4qBg6W1SsXze9VwXgUk2btRLalrcJ8gRw3p6CfPw==
x-mcache
HIT
s-c77516d5c24c72d2a28f11daf7722bb25201f26d.jpg
img-s1.onedio.com/id-6235df05b63020721708f520/rev-0/w-635/f-jpg/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s1.onedio.com/id-6235df05b63020721708f520/rev-0/w-635/f-jpg/s-c77516d5c24c72d2a28f11daf7722bb25201f26d.jpg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / Express
Resource Hash
2cb58ca185aaeccb67b32ea7f8d508de1e0f100fabee0e275b1ec7a6b62b31c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
via
HTTP/2.0 Merlin CDN
age
766409
x-powered-by
Express
x-cache
Hit from cloudfront
x-onedio-cache
FRONT
x-midtier
de-fra-dp-s02
content-length
31706
server
MerlinCDN
etag
W/"be5d-rfTfpW5MuWm6+NdjyVb9Aw"
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
public, max-age=31536000
x-ecache
HIT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
5p3P9hL5cl28_nCbIsoC-SbFSh4tvoXjoNhpPphRNSswQrSynJRN2Q==
x-mcache
MISS
s-66038b6839552247e0bcfdf8c40d8b8439582583.jpg
img-s1.onedio.com/id-622d87ee7380edf60e52ef30/rev-0/w-635/f-jpg/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s1.onedio.com/id-622d87ee7380edf60e52ef30/rev-0/w-635/f-jpg/s-66038b6839552247e0bcfdf8c40d8b8439582583.jpg
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-43.cdn77.com
Software
MerlinCDN / Express
Resource Hash
46d26f6c206c98bcdc2934830738e948879733213b69174b6ce2a57d5abdb4d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
via
HTTP/2.0 Merlin CDN
age
1311635
x-powered-by
Express
x-cache
Hit from cloudfront
x-midtier
de-fra-dp-s02
content-length
18402
server
MerlinCDN
etag
W/"94f7-efQfkAaFn9iXFVv0Ji8KFA"
allow
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
x-edge
de-fra-dp-s01
cache-control
public, max-age=31536000
x-ecache
HIT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
8gTUhQDCbV7_HTVHDgxZE-guOBPzs2z0fUdxDQvYWfGWmuenW2HXmA==
x-mcache
HIT
jquery-3.2.1.slim.min.js
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/js/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/js/jquery-3.2.1.slim.min.js
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
a94921b8ec98200b57722e3d0c10cecbb63886c2839e2ff63b8c5b7525bd93d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
content-encoding
br
last-modified
Wed, 04 Oct 2017 20:05:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23384
expires
Mon, 04 Apr 2022 10:53:30 GMT
popper.js
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/js/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/js/popper.js
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
8d94aa4207af5da655e719ba649764f83c3bfcc353f5eec603f75bc3ebe42632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
content-encoding
br
last-modified
Wed, 04 Oct 2017 20:06:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20269
expires
Mon, 04 Apr 2022 10:53:30 GMT
bootstrap.min.js
www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/js/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medyaninveridyeni.cf.xcloakers.tk/theme/140journos/js/bootstrap.min.js
Requested by
Host: www.medyaninveridyeni.cf.xcloakers.tk
URL: https://www.medyaninveridyeni.cf.xcloakers.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.171.88.238 , Turkey, ASN211114 (NetuWeb Internet Hizmetleri, TR),
Reverse DNS
host.eniyisunucum.com
Software
LiteSpeed /
Resource Hash
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.medyaninveridyeni.cf.xcloakers.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:30 GMT
content-encoding
br
last-modified
Thu, 10 Aug 2017 17:51:22 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12421
expires
Mon, 04 Apr 2022 10:53:30 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.medyaninveridyeni.cf.xcloakers.tk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:53:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 718
age
47
cdn-cachedat
2021-08-02 20:43:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a3c62cb230d1f6996a67476c488dc2bb
accept-ranges
bytes
cf-ray
6f2fd2914f6f994a-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| Popper

1 Cookies

Domain/Path Name / Value
.medium.com/ Name: __cfruid
Value: c7d134a6d51f8d5e0f83e6f24a10d5c1d0e5a2bd-1648464811

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img-s1.onedio.com
img-s2.onedio.com
maxcdn.bootstrapcdn.com
miro.medium.com
www.donanimhaber.com
www.medyaninveridyeni.cf.xcloakers.tk
185.102.219.172
185.171.88.238
2606:4700:7::a29f:9904
2606:4700::6812:acf
46.45.154.70
89.187.169.43
033133d16ea80d2533af13a8cc92e75c5a81771837d2f4062ff7867d50d2577c
05847016932a5cb83fb53f966d320bfb3c85939b36fc5695ea5499e666c8479f
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
1d0093a3e5bb5ba00d62fb5c1b71c8b792e9cc85f71c6d32f960e71fd0a4e2b6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb58ca185aaeccb67b32ea7f8d508de1e0f100fabee0e275b1ec7a6b62b31c2
421937d3acf7f590a8994c67c5b9d39c9eae8438e39a82069eabfd02a976031d
46d26f6c206c98bcdc2934830738e948879733213b69174b6ce2a57d5abdb4d2
536cb8eb374de2f2aea031ef68c49ac6c76d6fe879043124b03dfb65442f58e8
72486fd1791ec48ba7bacee1bdb0f0e64e6575d6fe1030bedd0fc5c532f23c68
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e7828965b5f6705bd193d34ef344e295b35b7d508b394c28afe6331aaac89e
8bec405cbf028cbef4195cd099449d76ebb10f52d07e5fdf6746be8335a0a993
8d94aa4207af5da655e719ba649764f83c3bfcc353f5eec603f75bc3ebe42632
9ab25373cb8a022e5aa76bc94ac9e0e2ed1c2f4d3a0cb01594bafb412c1f4460
a94921b8ec98200b57722e3d0c10cecbb63886c2839e2ff63b8c5b7525bd93d1
d16d3cd05c16d62ea653d0c9f30121d83cf6a1851a62cdd7bb92f4a2a9f406b2
e3097e9be1bf7f2381f6c5a2d71511f7a944830eaad10220fa959f4cef3d4f16