buyfromturkeyforme.com Open in urlscan Pro
185.106.209.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buyfromturkeyforme.com/
Submission: On June 30 via api (June 30th 2024, 12:18:41 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 44 HTTP transactions. The main IP is 185.106.209.66, located in Turkey and belongs to GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR. The main domain is buyfromturkeyforme.com.
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.

This is the only time buyfromturkeyforme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	185.106.209.66 185.106.209.66	42846 (GUZELHOST...) (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S.)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
44	7

26 185.106.209.66 (Turkey) 1 redirects

ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR)
PTR: 66eay9lw.guzel.net.tr

buyfromturkeyforme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	buyfromturkeyforme.com 1 redirects buyfromturkeyforme.com	601 KB
10	gstatic.com fonts.gstatic.com	246 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744	129 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	196 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	7 KB
0	betterstudio.com Failed demo.betterstudio.com Failed
44	6

	Domain	Requested by
26	buyfromturkeyforme.com	1 redirects buyfromturkeyforme.com
10	fonts.gstatic.com	fonts.googleapis.com buyfromturkeyforme.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	pagead2.googlesyndication.com	buyfromturkeyforme.com pagead2.googlesyndication.com
2	fonts.googleapis.com	buyfromturkeyforme.com
0	demo.betterstudio.com Failed	buyfromturkeyforme.com
44	6

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
youtube.com
instagram.com
betterstudio.com

Subject Issuer	Validity	Valid
buyfromturkeyforme.com R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://buyfromturkeyforme.com/
Frame ID: AF3B96F4B8A2AC731B2C18DBD993453A
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy From Turkey - A Get is Easy Information in Turkey Life Travel Beauty Culture Beautiful

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

44
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

1179 kB
Transfer

3762 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BetterSTU
Title: Likes

Search URL Search Domain Scan URL

URL: https://twitter.com/BetterSTU
Title: Followers

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCrNkHRTRk33C9hzYij4B5ng
Title: Subscribers

Search URL Search Domain Scan URL

URL: https://instagram.com/betterstudio
Title: Followers

Search URL Search Domain Scan URL

URL: http://betterstudio.com/
Title: BetterStudio

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png HTTP 301
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png

Request Chain 43

https://buyfromturkeyforme.com/favicon.ico HTTP 302
https://buyfromturkeyforme.com/wp-includes/images/w-logo-blue-white-bg.png

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
buyfromturkeyforme.com/ 97 KB
17 KB 280ms
110ms Document
text/html 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: d61902ca5aab5296d424d7ff24ff288e4722778ebe74ae86508789564de2d19b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17366
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jun 2024 00:18:31 GMT
Expires: Sun, 30 Jun 2024 00:18:31 GMT
Last-Modified: Sat, 29 Jun 2024 22:25:46 GMT
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PleskLin

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 82ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Requested by

Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31c6be06e2e88091a6967161487fc70e42f89226263f36e603f08d70cba991fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jun 2024 00:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 23:53:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jun 2024 00:18:34 GMT

GET
H/1.1 200
OK style.min.css
buyfromturkeyforme.com/wp-includes/css/dist/block-library/ 111 KB
14 KB 77ms
74ms Stylesheet
text/css 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Sat, 06 Apr 2024 06:28:13 GMT
Server: nginx
ETag: W/"6610eb7d-1bae5"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK bbpress.min.css
buyfromturkeyforme.com/wp-content/themes/publisher/css/ 30 KB
5 KB 143ms
66ms Stylesheet
text/css 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/themes/publisher/css/bbpress.min.css?ver=2.6.9
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 08d4d64e0fc764e45a4f435d4a829e0591bc72efafc69aeb66f2dd9c108ce3c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Thu, 24 Mar 2022 09:04:31 GMT
Server: nginx
ETag: W/"623c341f-7776"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK js_composer.min.css
buyfromturkeyforme.com/wp-content/plugins/js_composer/assets/css/ 454 KB
39 KB 213ms
69ms Stylesheet
text/css 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=7.4
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 0b5eb15792f0bed3401d63b847417e8ed21b5e59f688c92594a82f81d84b4f0a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Sat, 06 Apr 2024 00:01:40 GMT
Server: nginx
ETag: W/"661090e4-717ef"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK jquery.min.js Show response
buyfromturkeyforme.com/wp-includes/js/jquery/ 86 KB
29 KB 471ms
61ms Script
application/javascript 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Mon, 28 Aug 2023 17:14:23 GMT
Server: nginx
ETag: W/"64ecd5ef-15601"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
buyfromturkeyforme.com/wp-includes/js/jquery/ 13 KB
5 KB 500ms
55ms Script
application/javascript 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Fri, 09 Jun 2023 05:49:24 GMT
Server: nginx
ETag: W/"6482bd64-3509"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
52 KB 71ms
55ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1624925335229434

Requested by

Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

676d5202912f481acab43827a0917f7d6b2b136de3128bab4bcadf817b26cf04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53145
x-xss-protection: 0
server: cafe
etag: 2007501161800713331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 30 Jun 2024 00:18:35 GMT

GET
H/1.1 200
OK 47ae40ff3a634e979346d22bb83ff9ef.css
buyfromturkeyforme.com/wp-content/bs-booster-cache/ 786 KB
96 KB 453ms
131ms Stylesheet
text/css 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/47ae40ff3a634e979346d22bb83ff9ef.css
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: ab88d3973ac171ad8da1d3655f58df1d1af88328e3dfda5a59fed86a3723a7f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Mon, 22 Apr 2024 09:12:22 GMT
Server: nginx
ETag: W/"662629f6-c4783"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK c78c537e9994a6b1182bea37e806b45d.css
buyfromturkeyforme.com/wp-content/bs-booster-cache/ 39 KB
5 KB 407ms
78ms Stylesheet
text/css 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/c78c537e9994a6b1182bea37e806b45d.css
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: df14d306c2ac20131f5b186676cfe26efcef6d05b3765c58935ad4d645bc3a69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Mon, 22 Apr 2024 09:12:22 GMT
Server: nginx
ETag: W/"662629f6-9c79"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK trender-mag-Off-Canvas-Logo.png
buyfromturkeyforme.com/wp-content/uploads/2022/03/ 830 B
1 KB 361ms
54ms Image
image/png 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/03/trender-mag-Off-Canvas-Logo.png
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: a3b56787fa0e0b54a8826d1991e1a9abb63321f4168f9fa0859c42c257d4553a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Thu, 24 Mar 2022 09:13:15 GMT
Server: nginx
X-Accel-Version: 0.01
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 830
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK trender-mag-Header-Logo.png
buyfromturkeyforme.com/wp-content/uploads/2022/03/ 682 B
1 KB 201ms
55ms Image
image/png 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/03/trender-mag-Header-Logo.png
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: c564929c53d5f5c2522d6540c5f0209c909e479e2269761ab708ecd4cc90a03a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Thu, 24 Mar 2022 09:13:15 GMT
Server: nginx
X-Accel-Version: 0.01
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 682
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET

Footer-Logo.png
demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/
Redirect Chain

https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png
https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png

0
0

GET
H/1.1 200
OK js_composer_front.min.js Show response
buyfromturkeyforme.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 58ms
56ms Script
application/javascript 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=7.4
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: c30b6d9818f986da2367e411cebf9aa5bf2eb3580a1bf3acb573f9481f0de5ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Sat, 06 Apr 2024 00:01:40 GMT
Server: nginx
ETag: W/"661090e4-5115"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK a98ceabd92c442022ceb4cdcdc9108f8.js Show response
buyfromturkeyforme.com/wp-content/bs-booster-cache/ 253 KB
70 KB 69ms
69ms Script
application/javascript 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/a98ceabd92c442022ceb4cdcdc9108f8.js?ver=6.5.5
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 1e3dc05e6d7a43686c30c89b3b257fe73f98c4b9addb01f915536e3a67761e64

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Content-Encoding: br
Last-Modified: Fri, 05 Apr 2024 22:54:07 GMT
Server: nginx
ETag: W/"6610810f-3f3a4"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Expires: Mon, 30 Jun 2025 00:18:32 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
buyfromturkeyforme.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 116ms
114ms Font
font/woff2 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/47ae40ff3a634e979346d22bb83ff9ef.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/47ae40ff3a634e979346d22bb83ff9ef.css
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Thu, 24 Mar 2022 09:11:09 GMT
Server: nginx
ETag: "623c35ad-12d68"
X-Powered-By: PleskLin
Content-Type: font/woff2
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
Expires: Tue, 30 Jul 2024 00:18:32 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 42ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:11:45 GMT
x-content-type-options: nosniff
age: 378410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:11:45 GMT

GET
H/1.1 200
OK bs-icons.woff
buyfromturkeyforme.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 56ms
55ms Font
application/font-woff 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/47ae40ff3a634e979346d22bb83ff9ef.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/wp-content/bs-booster-cache/47ae40ff3a634e979346d22bb83ff9ef.css
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Thu, 24 Mar 2022 09:11:07 GMT
Server: nginx
ETag: "623c35ab-361c"
X-Powered-By: PleskLin
Content-Type: application/font-woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13852
Expires: Tue, 30 Jul 2024 00:18:32 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 48ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 17:07:09 GMT
x-content-type-options: nosniff
age: 198686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 17:07:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 45ms
13ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:03:16 GMT
x-content-type-options: nosniff
age: 378919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:03:16 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 48ms
16ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:48:44 GMT
x-content-type-options: nosniff
age: 379791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:48:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v21/ 5 KB
6 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d52320b7513a9e20df42e02b61709b91a5c2c2a25708225c664eb4639f3b0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:58:38 GMT
x-content-type-options: nosniff
age: 379197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5400
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:58:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 49ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:09:32 GMT
x-content-type-options: nosniff
age: 184143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:09:32 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v21/ 5 KB
6 KB 42ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:05:48 GMT
x-content-type-options: nosniff
age: 378767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5552
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:05:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 50ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C700%2C600%2C500%7CRoboto%3A500%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:18:03 GMT
x-content-type-options: nosniff
age: 183632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:18:03 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 425 KB
144 KB 108ms
69ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1624925335229434&plah=buyfromturkeyforme.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1624925335229434

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

87c2abfe208620989ea5544dbf23f365c73c02ff29516a9a56db530d7655130a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147009
x-xss-protection: 0
server: cafe
etag: 13702965228346807247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:18:35 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK asuman-of-gonul-mountain-shook-the-social-media-with-hazal-caglar-poses-SSpiYPCm.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/05/ 60 KB
61 KB 73ms
72ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/05/asuman-of-gonul-mountain-shook-the-social-media-with-hazal-caglar-poses-SSpiYPCm.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 7b2cbcc64eaad19bbc78da8d8756835d2f93f3051f712da1f4b191ff5386dbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 04 May 2022 15:27:03 GMT
Server: nginx
ETag: "62729b47-f16d"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61805
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK family-pose-from-bengu-he-showed-his-son-selims-face-for-the-first-time-IeQs72A3-750x430.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/05/ 79 KB
79 KB 64ms
63ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/05/family-pose-from-bengu-he-showed-his-son-selims-face-for-the-first-time-IeQs72A3-750x430.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 80c6e0535c5a5574c90c0df01489855cd6510bd0d71c545db1033302e8271251

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 04 May 2022 15:00:08 GMT
Server: nginx
ETag: "627294f8-13a27"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80423
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK husnu-shepherds-face-did-not-smile-again-in-the-back-sokaklar-series-is-she-leaving-the-show-fHKrCYRZ-357x210.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/05/ 17 KB
17 KB 129ms
128ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/05/husnu-shepherds-face-did-not-smile-again-in-the-back-sokaklar-series-is-she-leaving-the-show-fHKrCYRZ-357x210.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 9f7aad0aa16163fcc0c957f1ccdc9136e4d84e20253dd0d1988a1650712b1738

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 04 May 2022 13:19:06 GMT
Server: nginx
ETag: "62727d4a-43c3"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17347
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK nostalgic-games-5KrmMThc-357x210.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/05/ 14 KB
14 KB 116ms
115ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/05/nostalgic-games-5KrmMThc-357x210.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 521ca1677d6bf853553043a910f5442a6771ed08e95b91c3385be17d8d3643a8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 04 May 2022 12:08:08 GMT
Server: nginx
ETag: "62726ca8-3768"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14184
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK asuman-of-gonul-mountain-shook-the-social-media-with-hazal-caglar-poses-SSpiYPCm-357x210.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/05/ 13 KB
13 KB 119ms
118ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/05/asuman-of-gonul-mountain-shook-the-social-media-with-hazal-caglar-poses-SSpiYPCm-357x210.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: e2fce1730b6476b8898be7b0776b03823081fac4da2127947575d0b4c8149ccd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 04 May 2022 15:27:04 GMT
Server: nginx
ETag: "62729b48-3292"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12946
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK family-pose-from-bengu-he-showed-his-son-selims-face-for-the-first-time-IeQs72A3-357x210.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/05/ 23 KB
23 KB 63ms
63ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/05/family-pose-from-bengu-he-showed-his-son-selims-face-for-the-first-time-IeQs72A3-357x210.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: dd8565cff16e4e367056ff55e6e72e3deeee2123eb2850385e7356aeff6c0333

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 04 May 2022 15:00:08 GMT
Server: nginx
ETag: "627294f8-5b04"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23300
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK midyeci-ahmet-answered-his-ex-wife-by-crying-he-punched-the-table-NgBicCW7-86x64.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/04/ 3 KB
3 KB 55ms
55ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/04/midyeci-ahmet-answered-his-ex-wife-by-crying-he-punched-the-table-NgBicCW7-86x64.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 56e7cdbb858649c96d978fc917d8e6ce54269e2400f370ae41111d3e80256d43

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:32 GMT
Last-Modified: Wed, 06 Apr 2022 13:15:01 GMT
Server: nginx
ETag: "624d9255-a30"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2608
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK nobel-prize-winning-writer-orhan-pamuk-and-asli-akyavas-got-married-rib5D92R-86x64.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/04/ 2 KB
3 KB 58ms
58ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/04/nobel-prize-winning-writer-orhan-pamuk-and-asli-akyavas-got-married-rib5D92R-86x64.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 9b08488113b00880f1e1fa65b66ea69bd917b433c258f9e7c5a235a822daeac6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:33 GMT
Last-Modified: Wed, 06 Apr 2022 22:15:57 GMT
Server: nginx
ETag: "624e111d-968"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2408
Expires: Mon, 28 Oct 2024 00:18:32 GMT

GET
H/1.1 200
OK pinar-deniz-she-doesnt-speak-turkish-i-was-speaking-arabic-uexj36E3-86x64.jpg
buyfromturkeyforme.com/wp-content/uploads/2022/04/ 2 KB
2 KB 55ms
54ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/04/pinar-deniz-she-doesnt-speak-turkish-i-was-speaking-arabic-uexj36E3-86x64.jpg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: e1b92b4ac62da492dc60190b447074cb9e7055aafeab85d0a1318148b2f992a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:33 GMT
Last-Modified: Wed, 06 Apr 2022 07:46:58 GMT
Server: nginx
ETag: "624d4572-73a"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1850
Expires: Mon, 28 Oct 2024 00:18:33 GMT

GET
H/1.1 200
OK south-korean-star-song-joong-ki-came-to-istanbul-who-is-song-joong-ki-9iMEQCc7-86x64.jpeg
buyfromturkeyforme.com/wp-content/uploads/2022/04/ 2 KB
2 KB 55ms
55ms Image
image/jpeg 185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buyfromturkeyforme.com/wp-content/uploads/2022/04/south-korean-star-song-joong-ki-came-to-istanbul-who-is-song-joong-ki-9iMEQCc7-86x64.jpeg
Requested by: Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: dd2f3f1acbb1132234abf8b56c90d432f30030091d375764a0c5a5affece4f7c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 00:18:33 GMT
Last-Modified: Sat, 09 Apr 2022 20:59:54 GMT
Server: nginx
ETag: "6251f3ca-870"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2160
Expires: Mon, 28 Oct 2024 00:18:33 GMT

GET
H2 200 ca-pub-1624925335229434 Show response
fundingchoicesmessages.google.com/i/ 199 KB
66 KB 83ms
37ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1624925335229434?href=https%3A%2F%2Fbuyfromturkeyforme.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1624925335229434&plah=buyfromturkeyforme.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f725f7dbd3137ca47c6521ec8e6a464a54463828d4ebe4d0eb913b1f7536b034

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Th7hmngP1KNhy-XbzJFJDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:18:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-Th7hmngP1KNhy-XbzJFJDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLhuH2iaQubwIHru64xKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAAFADo7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW5-IRk5w_UPbRrz5Wrm395jjNgGwuCHBMXQOZiOsTMguTRTmXmL_GZXzVCzcZJeNfUxtafNIOS21SLClF3ncpx3DGhPmB68OACFfF04weaQpC-XTr3ELUjwYzamSYtEtGOsNKJFg== Show response
fundingchoicesmessages.google.com/f/ 415 KB
63 KB 102ms
101ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW5-IRk5w_UPbRrz5Wrm395jjNgGwuCHBMXQOZiOsTMguTRTmXmL_GZXzVCzcZJeNfUxtafNIOS21SLClF3ncpx3DGhPmB68OACFfF04weaQpC-XTr3ELUjwYzamSYtEtGOsNKJFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5NzA2NzE1LDUxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9idXlmcm9tdHVya2V5Zm9ybWUuY29tLyIsbnVsbCxbWzgsIkJfb0VCc29ia0k4Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyn83M36DZ2RkEdTGyN5ApAGrHPpw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fac2a0be1d528c0a17c24cae559d64484aa3ffee217aec7a5a3f4c8bcbcf2ab4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XZ04hWmSTTigMEO4UjKcsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 00:18:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XZ04hWmSTTigMEO4UjKcsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLhuH2iaQubwIK2XQuZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzIzM9QxM4wsMAO0-OaE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.B_oEBsobkI8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwgEfJQzVlnfjC1ZBqQR134It2EfQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jun 2024 00:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jun 2024 00:18:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jun 2024 00:18:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 22:09:26 GMT
x-content-type-options: nosniff
age: 180549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 22:09:26 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: buyfromturkeyforme.com
URL: https://buyfromturkeyforme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://buyfromturkeyforme.com/
Origin: https://buyfromturkeyforme.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 18:40:54 GMT
x-content-type-options: nosniff
age: 193061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 18:40:54 GMT

POST
H3 204 AGSKWxVCMtEVvcxoq2THEsluq3F2PP3GGjZJ5Fz4S5cgEpX9nrN33Pi8RRNusliqNZIFrqgR89jqqk3Ih6XCVDo0gYm8NSoIOVFAVFz7NbgPXmqiUCyrScGrFGPQ9FU0UR-ne18j53FXuw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
55ms XHR
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVCMtEVvcxoq2THEsluq3F2PP3GGjZJ5Fz4S5cgEpX9nrN33Pi8RRNusliqNZIFrqgR89jqqk3Ih6XCVDo0gYm8NSoIOVFAVFz7NbgPXmqiUCyrScGrFGPQ9FU0UR-ne18j53FXuw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-piERcGL5BtAhoX2qc3xoqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jun 2024 00:18:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-piERcGL5BtAhoX2qc3xoqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzXHnRNMWNoGGtiu8Si5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwMzIXM_ALL7AAAAAtyrp"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buyfromturkeyforme.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVCMtEVvcxoq2THEsluq3F2PP3GGjZJ5Fz4S5cgEpX9nrN33Pi8RRNusliqNZIFrqgR89jqqk3Ih6XCVDo0gYm8NSoIOVFAVFz7NbgPXmqiUCyrScGrFGPQ9FU0UR-ne18j53FXuw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xkz2tD9r2Eqq5qNyVVqrVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://buyfromturkeyforme.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Jun 2024 00:18:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-xkz2tD9r2Eqq5qNyVVqrVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3H7RNMWNoEdu97cYlZyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAcDQsNg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buyfromturkeyforme.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

w-logo-blue-white-bg.png
buyfromturkeyforme.com/wp-includes/images/
Redirect Chain

https://buyfromturkeyforme.com/favicon.ico
https://buyfromturkeyforme.com/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

55ms
55ms

Other
image/png

185.106.209.66
GUZELHOSTING GNET...

General

Check archive.org

Show headers Download Go to

Full URL: https://buyfromturkeyforme.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol: HTTP/1.1
Server: 185.106.209.66 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS: 66eay9lw.guzel.net.tr
Software: nginx / PleskLin
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://buyfromturkeyforme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 30 Jun 2024 00:18:34 GMT
Last-Modified: Tue, 16 Nov 2021 00:04:01 GMT
Server: nginx
ETag: "6192f571-1017"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=10368000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4119
Expires: Mon, 28 Oct 2024 00:18:34 GMT

Redirect headers

Date: Sun, 30 Jun 2024 00:18:33 GMT
Server: nginx
X-Redirect-By: WordPress
X-Powered-By: PHP/8.2.20, PleskLin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Location: https://buyfromturkeyforme.com/wp-includes/images/w-logo-blue-white-bg.png
Cache-Control: max-age=0
Connection: keep-alive
Link: <https://buyfromturkeyforme.com/wp-json/>; rel="https://api.w.org/"
Content-Length: 0
Expires: Sun, 30 Jun 2024 00:18:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: demo.betterstudio.com
URL: https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://buyfromturkeyforme.com/ Message: Mixed Content: The page at 'https://buyfromturkeyforme.com/' was loaded over HTTPS, but requested an insecure element 'http://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://buyfromturkeyforme.com/(Line 792) Message: Mixed Content: The page at 'https://buyfromturkeyforme.com/' was loaded over HTTPS, but requested an insecure element 'http://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://demo.betterstudio.com/publisher/trender-mag/wp-content/uploads/sites/482/2018/12/Footer-Logo.png Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
recommendation	verbose	URL: https://buyfromturkeyforme.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buyfromturkeyforme.com
demo.betterstudio.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
demo.betterstudio.com
142.250.186.174
172.217.16.194
185.106.209.66
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200e
08d4d64e0fc764e45a4f435d4a829e0591bc72efafc69aeb66f2dd9c108ce3c7
0b5eb15792f0bed3401d63b847417e8ed21b5e59f688c92594a82f81d84b4f0a
1e3dc05e6d7a43686c30c89b3b257fe73f98c4b9addb01f915536e3a67761e64
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31c6be06e2e88091a6967161487fc70e42f89226263f36e603f08d70cba991fb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d52320b7513a9e20df42e02b61709b91a5c2c2a25708225c664eb4639f3b0fd
521ca1677d6bf853553043a910f5442a6771ed08e95b91c3385be17d8d3643a8
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56e7cdbb858649c96d978fc917d8e6ce54269e2400f370ae41111d3e80256d43
676d5202912f481acab43827a0917f7d6b2b136de3128bab4bcadf817b26cf04
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
7b2cbcc64eaad19bbc78da8d8756835d2f93f3051f712da1f4b191ff5386dbd7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80c6e0535c5a5574c90c0df01489855cd6510bd0d71c545db1033302e8271251
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
87c2abfe208620989ea5544dbf23f365c73c02ff29516a9a56db530d7655130a
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9b08488113b00880f1e1fa65b66ea69bd917b433c258f9e7c5a235a822daeac6
9f7aad0aa16163fcc0c957f1ccdc9136e4d84e20253dd0d1988a1650712b1738
a3b56787fa0e0b54a8826d1991e1a9abb63321f4168f9fa0859c42c257d4553a
a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189
ab88d3973ac171ad8da1d3655f58df1d1af88328e3dfda5a59fed86a3723a7f6
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c30b6d9818f986da2367e411cebf9aa5bf2eb3580a1bf3acb573f9481f0de5ab
c564929c53d5f5c2522d6540c5f0209c909e479e2269761ab708ecd4cc90a03a
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d61902ca5aab5296d424d7ff24ff288e4722778ebe74ae86508789564de2d19b
dd2f3f1acbb1132234abf8b56c90d432f30030091d375764a0c5a5affece4f7c
dd8565cff16e4e367056ff55e6e72e3deeee2123eb2850385e7356aeff6c0333
df14d306c2ac20131f5b186676cfe26efcef6d05b3765c58935ad4d645bc3a69
e1b92b4ac62da492dc60190b447074cb9e7055aafeab85d0a1318148b2f992a7
e2fce1730b6476b8898be7b0776b03823081fac4da2127947575d0b4c8149ccd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f725f7dbd3137ca47c6521ec8e6a464a54463828d4ebe4d0eb913b1f7536b034
fac2a0be1d528c0a17c24cae559d64484aa3ffee217aec7a5a3f4c8bcbcf2ab4

buyfromturkeyforme.com Open in urlscan Pro 185.106.209.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

7 IPs

3 Countries

1179 kBTransfer

3762 kBSize

0 Cookies

5 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buyfromturkeyforme.com Open in urlscan Pro
185.106.209.66 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

1179 kB
Transfer

3762 kB
Size

0
Cookies

44 HTTP transactions
1 data transactions