securitim.ga Open in urlscan Pro
::ffff:238:f00a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://en.novemtech.com/
Effective URL:
http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
Submission: On January 14 via automatic, source urlhaus (January 14th 2020, 6:49:02 pm UTC)

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 6 countries across 7 domains to perform 89 HTTP transactions. The main IP is ::ffff:238:f00a, located in and belongs to . The main domain is securitim.ga.

This is the only time securitim.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
28	94.102.76.90 94.102.76.90	8685 (DORUKNET) (DORUKNET)
2	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	134.249.116.78 134.249.116.78	15895 (KSNET-AS) (KSNET-AS)
1 33	::ffff:238:f00a ::ffff:238:f00a	() ()
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	185.50.248.72 185.50.248.72	209813 (FASTCONTENT) (FASTCONTENT)
89	7

28 94.102.76.90 (Turkey)

ASN8685 (DORUKNET, TR)
PTR: mail.stardekor.com.tr

en.novemtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.249.116.78 (Lviv, Ukraine)

ASN15895 (KSNET-AS, UA)
PTR: 134-249-116-78.broadband.kyivstar.net

134.249.116.78	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 ::ffff:238:f00a (None, ) 1 redirects

ASN- ()

securitim.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.50.248.72 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

tdsjsext1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	securitim.ga securitim.ga Failed	611 KB
28	novemtech.com en.novemtech.com	238 KB
5	yandex.ru 1 redirects mc.yandex.ru	95 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	tdsjsext1.com tdsjsext1.com	877 B
0	google-analytics.com Failed www.google-analytics.com Failed
0	ysmyazilim.com Failed nt.ysmyazilim.com Failed
89	7

	Domain	Requested by
33	securitim.ga	134.249.116.78 securitim.ga
28	en.novemtech.com	en.novemtech.com
5	mc.yandex.ru	1 redirects securitim.ga
2	fonts.googleapis.com	en.novemtech.com
1	tdsjsext1.com	securitim.ga
0	www.google-analytics.com Failed	en.novemtech.com
0	nt.ysmyazilim.com Failed	en.novemtech.com
89	7

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
tdsjsext1.com Let's Encrypt Authority X3	`2019-12-14` - `2020-03-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
Frame ID: FC77C78F770FF7D4DF54F87F6E7DE9E9
Requests: 89 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://en.novemtech.com/ Page URL
http://134.249.116.78/?key=azYVBDryCouNj8A3XRbkPB6Elx2fdTLT Page URL
http://134.249.116.78/cloud.php Page URL
http://securitim.ga/index/?6871568466678 HTTP 302
http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7 Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

89
Requests

7 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

6
Countries

945 kB
Transfer

1438 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://en.novemtech.com/ Page URL
http://134.249.116.78/?key=azYVBDryCouNj8A3XRbkPB6Elx2fdTLT Page URL
http://134.249.116.78/cloud.php Page URL
http://securitim.ga/index/?6871568466678 HTTP 302
http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://mc.yandex.ru/watch/56716639?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-20200114214829f99b7&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579027709271%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200114194830%3Aet%3A1579027711%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A712858767%3Ahid%3A34970112%3Ads%3A0%2C0%2C559%2C234%2C879%2C800%2C1%2C%2C%2C%2C%2C%2C%3Awn%3A46259%3Ahl%3A3%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1579027711%3Au%3A1579027711878957923%3At%3A2020%20Annual%20Visitor%20Survey HTTP 302
https://mc.yandex.ru/watch/56716639/1?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-20200114214829f99b7&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579027709271%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200114194830%3Aet%3A1579027711%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A712858767%3Ahid%3A34970112%3Ads%3A0%2C0%2C559%2C234%2C879%2C800%2C1%2C%2C%2C%2C%2C%2C%3Awn%3A46259%3Ahl%3A3%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1579027711%3Au%3A1579027711878957923%3At%3A2020%20Annual%20Visitor%20Survey

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
en.novemtech.com/ 29 KB
9 KB 2488ms
2401ms Document
text/html 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c271381c7f2891d1bbf12d9f35912487b697a766b9f9ba96bfe753d421af0d76

Request headers

Host: en.novemtech.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Pingback: http://en.novemtech.com/xmlrpc.php
Link: <http://en.novemtech.com/?p=88>; rel=shortlink
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Length: 8407

GET
H/1.1 200
OK styles.css
en.novemtech.com/wp-content/plugins/contact-form-7/includes/css/ 740 B
779 B 116ms
109ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=3.6
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 54ad8f27e3c79f7a33df4881810d588264cb0abba96cec7492e409c17e621190

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0a3c7535bf7ce1:0"
Last-Modified: Thu, 12 Dec 2013 16:58:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 457

GET
H/1.1 200
OK style.css
en.novemtech.com/wp-content/plugins/nextgen-flex-slider-template/css/ 6 KB
2 KB 110ms
103ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-flex-slider-template/css/style.css?ver=1.0.1
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0557d9ebec9ff6407efd36c4ad999a4dfa719f842d2221c0f39e6296764e0327

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "31d9c7da371bcf1:0"
Last-Modified: Mon, 27 Jan 2014 08:14:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2152

GET
H/1.1 200
OK nggallery.css
en.novemtech.com/wp-content/plugins/nextgen-gallery/css/ 7 KB
3 KB 116ms
109ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-gallery/css/nggallery.css?ver=1.0.0
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 56c71ca2315aebc158fd0601ac1682265e4c31360b48a6a638f5c7323761d01a

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "eee6fffc461ccf1:0"
Last-Modified: Tue, 28 Jan 2014 16:35:43 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2358

GET
H/1.1 200
OK shutter-reloaded.css
en.novemtech.com/wp-content/plugins/nextgen-gallery/shutter/ 1 KB
1 KB 110ms
102ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.css?ver=1.3.4
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c514e2d1f0b9ce46d5450eaff7ff0e370fd0b66eebe7a4f3b7897126bbc12758

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "032e27a95bce1:0"
Last-Modified: Fri, 15 Feb 2013 15:59:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 796

GET
H/1.1 200
OK style.css
en.novemtech.com/wp-content/themes/interface/ 57 KB
15 KB 122ms
115ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/themes/interface/style.css?ver=3.8.32
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7863ea7741829c86e93be3006b7b6c1a96dca46efdc158b56755a8628bb6bb19

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "b4efe7e8c34d01:0"
Last-Modified: Thu, 20 Nov 2014 13:14:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 14940

GET
H/1.1 200
OK responsive.css
en.novemtech.com/wp-content/themes/interface/css/ 9 KB
3 KB 118ms
67ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/themes/interface/css/responsive.css?ver=3.8.32
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6eca9b6ba93c6c555cbed4ffa6015471dfadc58c515fbddafa41fa1df95a7e70

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0a11761a862cf1:0"
Last-Modified: Mon, 28 Apr 2014 06:09:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2673

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 24ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Sans%3A400%2C700italic%2C700%2C400italic&ver=3.8.32

Requested by

Host: en.novemtech.com
URL: http://en.novemtech.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

dc66d959911ac180fca2aeeaaac03fed7edd5686b0bfb6d08bcd691d8b04892e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jan 2020 18:48:28 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 14 Jan 2020 18:48:28 GMT

GET
H/1.1 200
OK app.css
en.novemtech.com/wp-content/plugins/simple-lightbox/client/css/ 238 B
527 B 161ms
51ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.3.1
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ac37412021fb1b48785fd1e76b3250ca274c73f281b9b7cd9d92aa8cd3c25465

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0af199d5753cf1:0"
Last-Modified: Tue, 08 Apr 2014 18:23:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 205

GET
H/1.1 200
OK featured-post.css
en.novemtech.com/wp-content/plugins/featured-post-with-thumbnail/ 2 KB
1 KB 166ms
55ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/featured-post-with-thumbnail/featured-post.css?ver=3.8.32
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5eff118c95dd8f08df299d0c46f70740efdff80841e6a7af8bed940e2b8a2163

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "1ee0b06b3a65cf1:0"
Last-Modified: Thu, 01 May 2014 12:39:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 862

GET
H/1.1 200
OK jquery.js Show response
en.novemtech.com/wp-includes/js/jquery/ 91 KB
41 KB 192ms
76ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "05f3718749ece1:0"
Last-Modified: Wed, 21 Aug 2013 13:41:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 41673

GET
H/1.1 200
OK jquery-migrate.min.js Show response
en.novemtech.com/wp-includes/js/jquery/ 7 KB
4 KB 184ms
65ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "079db82a887ce1:0"
Last-Modified: Tue, 23 Jul 2013 13:28:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3655

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
en.novemtech.com/wp-content/plugins/nextgen-flex-slider-template/js/ 16 KB
7 KB 218ms
57ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-flex-slider-template/js/jquery.flexslider-min.js?ver=1.2
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d274203a9480a7beceb8405e21775a4b077706794968219b78bce8f4f4a69517

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "039a8559fece1:0"
Last-Modified: Tue, 19 Feb 2013 12:47:54 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6570

GET
H/1.1 200
OK shutter-reloaded.js Show response
en.novemtech.com/wp-content/plugins/nextgen-gallery/shutter/ 10 KB
4 KB 223ms
56ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3d91755eaa099833fee1bb4ca60887f32ab4e533cf8b8df71b9d4e2a5263a46

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "032e27a95bce1:0"
Last-Modified: Fri, 15 Feb 2013 15:59:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3856

GET
H/1.1 200
OK jquery.cycle.all.min.js Show response
en.novemtech.com/wp-content/plugins/nextgen-gallery/js/ 26 KB
10 KB 227ms
60ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 607c928f6bbb671a0a1eb9a9e0b2ec141f516e359a132bf700c83f3443a069b0

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "032e27a95bce1:0"
Last-Modified: Fri, 15 Feb 2013 15:59:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 9528

GET
H/1.1 200
OK ngg.slideshow.min.js Show response
en.novemtech.com/wp-content/plugins/nextgen-gallery/js/ 2 KB
1 KB 241ms
58ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 11ac669690a68e26846547a71266daf24eb0e8b3033c6f67828cc760cb16a324

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "032e27a95bce1:0"
Last-Modified: Fri, 15 Feb 2013 15:59:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1036

GET
H/1.1 200
OK backtotop.js Show response
en.novemtech.com/wp-content/themes/interface/js/ 523 B
725 B 246ms
62ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/themes/interface/js/backtotop.js?ver=3.8.32
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 584b568d7efbca5df3e5cd69d3d338617343a1659604488b6c3a511b7bfd0fa4

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0a11761a862cf1:0"
Last-Modified: Mon, 28 Apr 2014 06:09:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 389

GET
H/1.1 200
OK scripts.js Show response
en.novemtech.com/wp-content/themes/interface/js/ 914 B
859 B 272ms
54ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/themes/interface/js/scripts.js?ver=3.8.32
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b4b37046da4f91d1992c5e157b43726b05e40e0f58fd035cc3ac427e122ec73

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0a11761a862cf1:0"
Last-Modified: Mon, 28 Apr 2014 06:09:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 523

GET
H2 200 css
fonts.googleapis.com/ 3 KB
694 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400|Quattrocento+Sans:400&subset=latin

Requested by

Host: en.novemtech.com
URL: http://en.novemtech.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d82a438ba76879ab9498007a9595263aa1e217815abeb8f57e18cf89f387df5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Jan 2020 18:48:28 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 14 Jan 2020 18:48:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 14 Jan 2020 18:48:28 GMT

GET
H/1.1 200
OK 2d266dea64bafb7bb7d32f46e656364d.css
en.novemtech.com/wp-content/cache/css/static/ 24 KB
3 KB 182ms
68ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/cache/css/static/2d266dea64bafb7bb7d32f46e656364d.css
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ae219c6916610208c3ef02e49b6462a6dd17968d588d80d7fd6ae1ce25b876f8

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "f8e3a7e48caed51:0"
Last-Modified: Mon, 09 Dec 2019 12:33:43 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2763

GET
H/1.1 200
OK nt_logo.png
en.novemtech.com/wp-content/uploads/2014/05/ 12 KB
12 KB 56ms
56ms Image
image/png 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://en.novemtech.com/wp-content/uploads/2014/05/nt_logo.png
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 945bb484eb9905369ccb9d3e8647f3bf36dbfbf215bafbb76668c067f1cb69ba

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
ETag: "db7efb7fe369cf1:0"
Last-Modified: Wed, 07 May 2014 11:00:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12100

GET
H/1.1 200
OK 1-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 89 KB
89 KB 58ms
57ms Image
image/jpeg 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://en.novemtech.com/wp-content/uploads/2014/11/1-0x0.jpg
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
ETag: "c25c731e712d01:0"
Last-Modified: Mon, 17 Nov 2014 14:16:45 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 91258

GET 2-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 3-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 4-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 5-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 6-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 7-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 8-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 9-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 10-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 11-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET 12-0x0.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET arrow-icon.png
en.novemtech.com/wp-content/uploads/2014/05/ 0
0

GET tr_basarihikayeleri01_e.png
en.novemtech.com/wp-content/uploads/2014/04/ 0
0

GET tr_kalitebelgeleri01_e.png
en.novemtech.com/wp-content/uploads/2014/04/ 0
0

GET agacicon.png
nt.ysmyazilim.com/wp-content/uploads/2014/03/ 0
0

GET contact.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET career.jpg
en.novemtech.com/wp-content/uploads/2014/11/ 0
0

GET
H/1.1 200
OK nivo-slider.css
en.novemtech.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 2 KB
1 KB 54ms
54ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css?ver=2.8
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0472bfb962cf1:0"
Last-Modified: Mon, 28 Apr 2014 08:08:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1079

GET
H/1.1 200
OK public.css
en.novemtech.com/wp-content/plugins/ml-slider/assets/metaslider/ 2 KB
1 KB 53ms
53ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=2.8
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:39 GMT
Content-Encoding: gzip
ETag: "0472bfb962cf1:0"
Last-Modified: Mon, 28 Apr 2014 08:08:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 858

GET
H/1.1 200
OK default.css
en.novemtech.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/ 2 KB
1 KB 54ms
53ms Stylesheet
text/css 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=2.8
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:40 GMT
Content-Encoding: gzip
ETag: "50325b9b836ecf1:0"
Last-Modified: Tue, 13 May 2014 08:16:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 889

GET
H/1.1 200
OK jquery.form.min.js
en.novemtech.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
7 KB 59ms
58ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.46.0-2013.11.21
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:40 GMT
Content-Encoding: gzip
ETag: "0a3c7535bf7ce1:0"
Last-Modified: Thu, 12 Dec 2013 16:58:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6784

GET
H/1.1 200
OK scripts.js
en.novemtech.com/wp-content/plugins/contact-form-7/includes/js/ 8 KB
3 KB 55ms
54ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.6
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:40 GMT
Content-Encoding: gzip
ETag: "0a3c7535bf7ce1:0"
Last-Modified: Thu, 12 Dec 2013 16:58:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2755

GET
H/1.1 200
OK jquery.cycle.all.min.js
en.novemtech.com/wp-content/themes/interface/js/ 33 KB
11 KB 58ms
58ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/themes/interface/js/jquery.cycle.all.min.js?ver=2.9999.5
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:40 GMT
Content-Encoding: gzip
ETag: "0a11761a862cf1:0"
Last-Modified: Mon, 28 Apr 2014 06:09:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 10999

GET
H/1.1 200
OK interface-slider-setting.js
en.novemtech.com/wp-content/themes/interface/js/ 1 KB
1 KB 55ms
55ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/themes/interface/js/interface-slider-setting.js?ver=3.8.32
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:40 GMT
Content-Encoding: gzip
ETag: "0a11761a862cf1:0"
Last-Modified: Mon, 28 Apr 2014 06:09:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 821

GET
H/1.1 200
OK jquery.nivo.slider.pack.js
en.novemtech.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/ 12 KB
4 KB 59ms
59ms Script
application/javascript 94.102.76.90
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://en.novemtech.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=2.8
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 94.102.76.90 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: mail.stardekor.com.tr
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://en.novemtech.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 14 Jan 2020 18:48:40 GMT
Content-Encoding: gzip
ETag: "0472bfb962cf1:0"
Last-Modified: Mon, 28 Apr 2014 08:08:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3854

GET 42b29738a27165c74b87912193368cbe.js
en.novemtech.com/wp-content/cache/js/static/ 0
0

GET
H/1.1 200
OK / Show response
134.249.116.78/ 621 B
825 B 273ms
267ms Document
text/html 134.249.116.78
KSNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://134.249.116.78/?key=azYVBDryCouNj8A3XRbkPB6Elx2fdTLT
Requested by: Host: en.novemtech.com
URL: http://en.novemtech.com/
Protocol: HTTP/1.1
Server: 134.249.116.78 Lviv, Ukraine, ASN15895 (KSNET-AS, UA),
Reverse DNS: 134-249-116-78.broadband.kyivstar.net
Software: Apache/2.4.34 (Win32) PHP/7.2.10 / PHP/7.2.10
Resource Hash: d2ea711a2a3e6df2beb6900210895a990ee625fadf7c7e00bb5bad66490b812f

Request headers

Host: 134.249.116.78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://en.novemtech.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://en.novemtech.com/

Response headers

Date: Tue, 14 Jan 2020 18:48:28 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
X-Powered-By: PHP/7.2.10
Content-Length: 621
Connection: close
Content-Type: text/html; charset=UTF-8

GET ga.js
www.google-analytics.com/ 0
0

GET
H/1.1 200
OK cloud.php Show response
134.249.116.78/ 151 B
355 B 248ms
241ms Document
text/html 134.249.116.78
KSNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://134.249.116.78/cloud.php
Requested by: Host: 134.249.116.78
URL: http://134.249.116.78/?key=azYVBDryCouNj8A3XRbkPB6Elx2fdTLT
Protocol: HTTP/1.1
Server: 134.249.116.78 Lviv, Ukraine, ASN15895 (KSNET-AS, UA),
Reverse DNS: 134-249-116-78.broadband.kyivstar.net
Software: Apache/2.4.34 (Win32) PHP/7.2.10 / PHP/7.2.10
Resource Hash: 44b1ad3030474b131e9def6c60eb5d17a7e14afdf7f59f3cb0c35659a4ca59f5

Request headers

Host: 134.249.116.78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://134.249.116.78/?key=azYVBDryCouNj8A3XRbkPB6Elx2fdTLT
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://134.249.116.78/?key=azYVBDryCouNj8A3XRbkPB6Elx2fdTLT

Response headers

Date: Tue, 14 Jan 2020 18:48:28 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
X-Powered-By: PHP/7.2.10
Content-Length: 151
Connection: close
Content-Type: text/html; charset=UTF-8

GET /
securitim.ga/index/ 0
0

GET
H/1.1

200
OK

Primary Request index.php Show response
securitim.ga//offers/us/fb/
Redirect Chain

http://securitim.ga/index/?6871568466678
http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

29 KB
30 KB

561ms
559ms

Document
text/html

::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Requested by

Host: 134.249.116.78
URL: http://134.249.116.78/cloud.php

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7e07c7578ba82bfddf0a6aade79013c8cdd5b2cb46059a869490a57a06633319

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: securitim.ga
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://134.249.116.78/cloud.php
Accept-Encoding: gzip, deflate
Cookie: 00831=%7B%22streams%22%3A%7B%2211294%22%3A1579027709%7D%2C%22campaigns%22%3A%7B%221316%22%3A1579027709%7D%2C%22time%22%3A1579027709%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://134.249.116.78/cloud.php

Response headers

Server: nginx/1.16.1
Date: Tue, 14 Jan 2020 18:48:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN

Redirect headers

Server: nginx/1.16.1
Date: Tue, 14 Jan 2020 18:48:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Tue, 14 Jan 2020 18:48:29 GMT
Cache-Control: max-age=0
Pragma: no-cache
Set-Cookie: 00831=%7B%22streams%22%3A%7B%2211294%22%3A1579027709%7D%2C%22campaigns%22%3A%7B%221316%22%3A1579027709%7D%2C%22time%22%3A1579027709%7D; expires=Fri, 14-Feb-2020 18:48:29 GMT; Max-Age=2678400; path=/; domain=.securitim.ga
Location: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

GET
H/1.1 200
OK bootstrap.min.css
securitim.ga//offers/us/fb/files/ 98 KB
98 KB 680ms
671ms Stylesheet
text/css ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/bootstrap.min.css

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:22 GMT
Server: nginx/1.16.1
ETag: "5e013c02-18679"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99961
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.css
securitim.ga//offers/us/fb/files/ 17 KB
18 KB 672ms
662ms Stylesheet
text/css ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/font-awesome.css

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1cfc8b8dfb6c180d006c444ed3b0d29a99e4660494da56be9794898ae95f0300

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:23 GMT
Server: nginx/1.16.1
ETag: "5e013c03-44de"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17630
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.css
securitim.ga//offers/us/fb/files/ 7 KB
7 KB 671ms
661ms Stylesheet
text/css ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/main.css

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

09a619318ce5080423fbc31a6b97f08d785b31677d713d9154e2ca837b12a010

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-1c22"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7202
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK modernizr-2.6.2-respond-1.1.0.min.js Show response
securitim.ga//offers/us/fb/files/ 18 KB
18 KB 671ms
661ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/modernizr-2.6.2-respond-1.1.0.min.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

2dea5123cd52257c0b829d41c56d4963228b45b1ec355737d60bb6645c94f50e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-475c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18268
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.js Show response
securitim.ga//offers/us/fb/files/ 94 KB
94 KB 673ms
663ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/jquery.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

60dc662df463ede4ecd32c9f99f6adc59713ffc9dc5bb7cf35733557825bf32d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-17826"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96294
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
securitim.ga//offers/us/fb/files/ 223 KB
223 KB 787ms
570ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/jquery-ui.min.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-37aed"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228077
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK en-en.js Show response
securitim.ga//offers/us/fb/files/ 7 KB
7 KB 1246ms
575ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/en-en.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

90607ee4f036be7d2cb6369547076df9865093032fff0ed54ce369ca934eb2f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:22 GMT
Server: nginx/1.16.1
ETag: "5e013c02-1a38"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6712
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK returnDate.en.js Show response
securitim.ga//offers/us/fb/files/ 540 B
894 B 1469ms
564ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/returnDate.en.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

eee146f3954e624b69e833055cd9ba7c1dd256c4c548fbcf30df27b9de82ccc7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:32 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-21c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 540
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK utils-ms.js Show response
securitim.ga//offers/us/fb/files/ 0
350 B 1474ms
569ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/utils-ms.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:32 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK chrome58x58.png
securitim.ga//offers/us/fb/files/ 8 KB
9 KB 573ms
572ms Image
image/png ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/chrome58x58.png

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:32 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-2130"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8496
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 362 KB
92 KB 164ms
81ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

aa85eae9b4c8325d2ce364c584a2938d4fefcc53924091cabccd29acf65bde9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:30 GMT
Content-Encoding: br
Last-Modified: Thu, 26 Dec 2019 10:39:25 GMT
Server: nginx/1.14.2
ETag: "5e048ddd-16ddd"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93661
Expires: Tue, 14 Jan 2020 19:48:30 GMT

GET
H/1.1 200
OK iphone11pro.png
securitim.ga//offers/us/fb/files/ 35 KB
35 KB 600ms
589ms Image
image/png ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/iphone11pro.png

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

bd1c43c51e6d8b7669315f6a44009a78b5d6542625aff8f6136411587f600493

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-8c97"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35991
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img1.jpg
securitim.ga//offers/us/fb/files/ 1 KB
2 KB 578ms
568ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/img1.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-523"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1315
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img2.jpg
securitim.ga//offers/us/fb/files/ 1 KB
2 KB 793ms
571ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/img2.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:42 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-511"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1297
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK yWwCB4c.jpg
securitim.ga//offers/us/fb/files/ 2 KB
3 KB 858ms
548ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/yWwCB4c.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:42 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:27 GMT
Server: nginx/1.16.1
ETag: "5e013c07-920"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2336
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3temv7e.jpg
securitim.ga//offers/us/fb/files/ 1 KB
1 KB 641ms
610ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/3temv7e.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:42 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:20 GMT
Server: nginx/1.16.1
ETag: "5e013c00-491"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7wSpKDu.jpg
securitim.ga//offers/us/fb/files/ 2 KB
2 KB 611ms
605ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/7wSpKDu.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:42 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:20 GMT
Server: nginx/1.16.1
ETag: "5e013c00-7f5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2037
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 9PH2QqX.jpg
securitim.ga//offers/us/fb/files/ 2 KB
2 KB 1927ms
554ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/9PH2QqX.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:43 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:20 GMT
Server: nginx/1.16.1
ETag: "5e013c00-85f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2143
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK EKZrmbS.jpg
securitim.ga//offers/us/fb/files/ 2 KB
3 KB 1752ms
585ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/EKZrmbS.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:43 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:22 GMT
Server: nginx/1.16.1
ETag: "5e013c02-8d8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2264
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK yEUMY3v.jpg
securitim.ga//offers/us/fb/files/ 2 KB
2 KB 1941ms
570ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/yEUMY3v.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:44 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-648"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1608
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK KqX499j.png
securitim.ga//offers/us/fb/files/ 2 KB
2 KB 1801ms
573ms Image
image/png ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/KqX499j.png

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9d3497a2d77fdd3eeeca1fa511771f641dd2cf62380a65513c1c9c81ffa0c856

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:44 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:25 GMT
Server: nginx/1.16.1
ETag: "5e013c05-81a"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2074
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK DsrKpkj.jpg
securitim.ga//offers/us/fb/files/ 1 KB
2 KB 1852ms
568ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/DsrKpkj.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:44 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-5e2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1506
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK plR22yu.jpg
securitim.ga//offers/us/fb/files/ 1017 B
1 KB 1896ms
574ms Image
image/jpeg ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga//offers/us/fb/files/plR22yu.jpg

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:44 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-3f9"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1017
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK comment.js Show response
securitim.ga//offers/us/fb/files/ 3 KB
3 KB 570ms
569ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/comment.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

72e3b6817e1fafd50792b2c33bc4416683a391aa1837bee1f43fdbc210c99ccc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:32 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:24 GMT
Server: nginx/1.16.1
ETag: "5e013c04-b15"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2837
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK confetti.js Show response
securitim.ga//offers/us/fb/files/ 3 KB
4 KB 603ms
603ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/confetti.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

651141c8290087af54c66793aa063ee5697661fb914925f56bd09390a2895ce4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:25 GMT
Server: nginx/1.16.1
ETag: "5e013c05-dcd"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3533
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
securitim.ga//offers/us/fb/files/ 28 KB
29 KB 612ms
610ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/bootstrap.min.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:23 GMT
Server: nginx/1.16.1
ETag: "5e013c03-71b6"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29110
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
securitim.ga//offers/us/fb/files/ 1 KB
2 KB 614ms
613ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/main.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c3f0c78218c8068cb0257ccd255d80f5e035021f11b2cd5a8271403287fd144c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:26 GMT
Server: nginx/1.16.1
ETag: "5e013c06-5aa"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1450
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK js.cookie6_pure.js Show response
securitim.ga//offers/us/fb/files/ 3 KB
3 KB 603ms
602ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/js.cookie6_pure.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

71773f8c559a1fdb770d7fa5720c08612d9ce7194be8bb44bdf95393f1469ce0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:25 GMT
Server: nginx/1.16.1
ETag: "5e013c05-c62"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3170
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bbms.js Show response
securitim.ga//offers/us/fb/files/ 627 B
981 B 624ms
622ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/bbms.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

7c242565dc099c183fa6d55cfba8ffa02873f02e1990909d2be58db1d43015dc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:21 GMT
Server: nginx/1.16.1
ETag: "5e013c01-273"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 627
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK exit_ms.js Show response
securitim.ga//offers/us/fb/files/ 2 KB
2 KB 1156ms
582ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/exit_ms.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0ba871a68bb8af1a54a62bb7e4279733ae983b4a1234f7ee26c534b66c15dbbe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:22 GMT
Server: nginx/1.16.1
ETag: "5e013c02-600"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1536
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK js1.js Show response
securitim.ga//offers/us/fb/files/ 0
350 B 583ms
582ms Script
application/javascript ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to

Full URL

http://securitim.ga//offers/us/fb/files/js1.js

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Last-Modified: Mon, 23 Dec 2019 22:13:25 GMT
Server: nginx/1.16.1
ETag: "5e013c05-0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/56716639/
Redirect Chain

https://mc.yandex.ru/watch/56716639?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-20200114214829...
https://mc.yandex.ru/watch/56716639/1?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-202001142148...

0
-1 B

41ms
41ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56716639/1?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-20200114214829f99b7&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579027709271%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200114194830%3Aet%3A1579027711%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A712858767%3Ahid%3A34970112%3Ads%3A0%2C0%2C559%2C234%2C879%2C800%2C1%2C%2C%2C%2C%2C%2C%3Awn%3A46259%3Ahl%3A3%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1579027711%3Au%3A1579027711878957923%3At%3A2020%20Annual%20Visitor%20Survey

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Tue, 14-Jan-2020 18:48:31 GMT
Server: nginx/1.14.2
Location: /watch/56716639/1?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-20200114214829f99b7&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579027709271%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200114194830%3Aet%3A1579027711%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A712858767%3Ahid%3A34970112%3Ads%3A0%2C0%2C559%2C234%2C879%2C800%2C1%2C%2C%2C%2C%2C%2C%3Awn%3A46259%3Ahl%3A3%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1579027711%3Au%3A1579027711878957923%3At%3A2020%20Annual%20Visitor%20Survey
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: http://securitim.ga
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 14-Jan-2020 18:48:31 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jan 2020 18:48:31 GMT
Last-Modified: Tue, 14-Jan-2020 18:48:31 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: http://securitim.ga
Strict-Transport-Security: max-age=31536000
Location: /watch/56716639/1?wmode=7&page-ref=http%3A%2F%2F134.249.116.78%2Fcloud.php&page-url=http%3A%2F%2Fsecuritim.ga%2F%2Foffers%2Fus%2Ffb%2Findex.php%3Fsubid%3D1316-11294-20200114214829f99b7&charset=utf-8&browser-info=ti%3A10%3Ans%3A1579027709271%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20200114194830%3Aet%3A1579027711%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A712858767%3Ahid%3A34970112%3Ads%3A0%2C0%2C559%2C234%2C879%2C800%2C1%2C%2C%2C%2C%2C%2C%3Awn%3A46259%3Ahl%3A3%3Agdpr%3A14%3Av%3A1795%3Awv%3A2%3Ast%3A1579027711%3Au%3A1579027711878957923%3At%3A2020%20Annual%20Visitor%20Survey
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 14-Jan-2020 18:48:31 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/56716639/ 152 B
699 B 46ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

c692d5cf557cd843a4b71b72e1898e4d6e71f6d1c047ddd6226525a7015db7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
Origin: http://securitim.ga
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 14 Jan 2020 18:48:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14-Jan-2020 18:48:31 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://securitim.ga
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Tue, 14-Jan-2020 18:48:31 GMT

GET
H/1.1 200
OK getextparams Show response
tdsjsext1.com/ExtService.svc/ 578 B
877 B 8319ms
8286ms XHR
application/json 185.50.248.72
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://tdsjsext1.com/ExtService.svc/getextparams
Requested by: Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/files/en-en.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.50.248.72 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 9c3f701679a59750a2a38ee87dab9c4daf5abbbc2a29461cfd2307edc5ffd1f8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
Origin: http://securitim.ga

Response headers

Date: Tue, 14 Jan 2020 18:48:40 GMT
Server: nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 578

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 41ms
40ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.14.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Tue, 14 Jan 2020 19:48:41 GMT

GET
H/1.1 200
OK chrome_48x48.png
securitim.ga/src/chrome/ 4 KB
4 KB 957ms
571ms Image
image/png ::ffff:238:f00a

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://securitim.ga/src/chrome/chrome_48x48.png

Requested by

Host: securitim.ga
URL: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7

Protocol

HTTP/1.1

Server

::ffff:238:f00a -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e21b5627de9316457ebcbb5849497540a876a757ee1b99f8a42be5cdde03e590

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://securitim.ga//offers/us/fb/index.php?subid=1316-11294-20200114214829f99b7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 18:48:44 GMT
Last-Modified: Mon, 23 Dec 2019 21:55:51 GMT
Server: nginx/1.16.1
ETag: "5e0137e7-e5e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/2-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/3-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/4-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/5-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/6-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/7-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/8-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/9-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/10-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/11-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/12-0x0.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/05/arrow-icon.png

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/04/tr_basarihikayeleri01_e.png

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/04/tr_kalitebelgeleri01_e.png

Domain: nt.ysmyazilim.com
URL: http://nt.ysmyazilim.com/wp-content/uploads/2014/03/agacicon.png

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/contact.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/uploads/2014/11/career.jpg

Domain: en.novemtech.com
URL: http://en.novemtech.com/wp-content/cache/js/static/42b29738a27165c74b87912193368cbe.js

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/ga.js

Domain: securitim.ga
URL: http://securitim.ga/index/?6871568466678

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

en.novemtech.com
fonts.googleapis.com
mc.yandex.ru
nt.ysmyazilim.com
securitim.ga
tdsjsext1.com
www.google-analytics.com
en.novemtech.com
nt.ysmyazilim.com
securitim.ga
www.google-analytics.com
134.249.116.78
185.50.248.72
2a00:1450:4001:824::200a
2a02:6b8::1:119
94.102.76.90
::ffff:238:f00a
0557d9ebec9ff6407efd36c4ad999a4dfa719f842d2221c0f39e6296764e0327
09a619318ce5080423fbc31a6b97f08d785b31677d713d9154e2ca837b12a010
0ba871a68bb8af1a54a62bb7e4279733ae983b4a1234f7ee26c534b66c15dbbe
11ac669690a68e26846547a71266daf24eb0e8b3033c6f67828cc760cb16a324
1cfc8b8dfb6c180d006c444ed3b0d29a99e4660494da56be9794898ae95f0300
2b4b37046da4f91d1992c5e157b43726b05e40e0f58fd035cc3ac427e122ec73
2dea5123cd52257c0b829d41c56d4963228b45b1ec355737d60bb6645c94f50e
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
44b1ad3030474b131e9def6c60eb5d17a7e14afdf7f59f3cb0c35659a4ca59f5
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ad8f27e3c79f7a33df4881810d588264cb0abba96cec7492e409c17e621190
56c71ca2315aebc158fd0601ac1682265e4c31360b48a6a638f5c7323761d01a
584b568d7efbca5df3e5cd69d3d338617343a1659604488b6c3a511b7bfd0fa4
5eff118c95dd8f08df299d0c46f70740efdff80841e6a7af8bed940e2b8a2163
607c928f6bbb671a0a1eb9a9e0b2ec141f516e359a132bf700c83f3443a069b0
60dc662df463ede4ecd32c9f99f6adc59713ffc9dc5bb7cf35733557825bf32d
651141c8290087af54c66793aa063ee5697661fb914925f56bd09390a2895ce4
6eca9b6ba93c6c555cbed4ffa6015471dfadc58c515fbddafa41fa1df95a7e70
71773f8c559a1fdb770d7fa5720c08612d9ce7194be8bb44bdf95393f1469ce0
72e3b6817e1fafd50792b2c33bc4416683a391aa1837bee1f43fdbc210c99ccc
7863ea7741829c86e93be3006b7b6c1a96dca46efdc158b56755a8628bb6bb19
7c242565dc099c183fa6d55cfba8ffa02873f02e1990909d2be58db1d43015dc
7e07c7578ba82bfddf0a6aade79013c8cdd5b2cb46059a869490a57a06633319
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
90607ee4f036be7d2cb6369547076df9865093032fff0ed54ce369ca934eb2f0
945bb484eb9905369ccb9d3e8647f3bf36dbfbf215bafbb76668c067f1cb69ba
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
9c3f701679a59750a2a38ee87dab9c4daf5abbbc2a29461cfd2307edc5ffd1f8
9d3497a2d77fdd3eeeca1fa511771f641dd2cf62380a65513c1c9c81ffa0c856
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
aa85eae9b4c8325d2ce364c584a2938d4fefcc53924091cabccd29acf65bde9d
ac37412021fb1b48785fd1e76b3250ca274c73f281b9b7cd9d92aa8cd3c25465
ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa
ae219c6916610208c3ef02e49b6462a6dd17968d588d80d7fd6ae1ce25b876f8
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
bd1c43c51e6d8b7669315f6a44009a78b5d6542625aff8f6136411587f600493
c271381c7f2891d1bbf12d9f35912487b697a766b9f9ba96bfe753d421af0d76
c3f0c78218c8068cb0257ccd255d80f5e035021f11b2cd5a8271403287fd144c
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c514e2d1f0b9ce46d5450eaff7ff0e370fd0b66eebe7a4f3b7897126bbc12758
c692d5cf557cd843a4b71b72e1898e4d6e71f6d1c047ddd6226525a7015db7a8
d274203a9480a7beceb8405e21775a4b077706794968219b78bce8f4f4a69517
d2ea711a2a3e6df2beb6900210895a990ee625fadf7c7e00bb5bad66490b812f
d82a438ba76879ab9498007a9595263aa1e217815abeb8f57e18cf89f387df5e
dc66d959911ac180fca2aeeaaac03fed7edd5686b0bfb6d08bcd691d8b04892e
e21b5627de9316457ebcbb5849497540a876a757ee1b99f8a42be5cdde03e590
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d91755eaa099833fee1bb4ca60887f32ab4e533cf8b8df71b9d4e2a5263a46
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
eee146f3954e624b69e833055cd9ba7c1dd256c4c548fbcf30df27b9de82ccc7
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

securitim.ga Open in urlscan Pro ::ffff:238:f00a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

7 %HTTPS

50 %IPv6

7 Domains

7 Subdomains

7 IPs

6 Countries

945 kBTransfer

1438 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securitim.ga Open in urlscan Pro
::ffff:238:f00a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

7 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

6
Countries

945 kB
Transfer

1438 kB
Size

0
Cookies

89 HTTP transactions
0 data transactions