taraftarium24com.blogspot.com Open in urlscan Pro
2607:f8b0:4020:807::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://taraftarium24com.blogspot.com/
Submission: On December 04 via api (December 4th 2023, 1:20:10 pm UTC) from US — Scanned from US

Summary HTTP 34 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2607:f8b0:4020:807::2001, located in Montreal, Canada and belongs to GOOGLE, US. The main domain is taraftarium24com.blogspot.com.
TLS certificate: Issued by GTS CA 1C3 on October 23rd 2023. Valid for: 3 months.

This is the only time taraftarium24com.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:402... 2607:f8b0:4020:804::2009	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a01:4f8:151:... 2a01:4f8:151:6117::2	24940 (HETZNER-AS) (HETZNER-AS)
3	173.233.137.36 173.233.137.36	7979 (SERVERS-COM) (SERVERS-COM)
1 1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
2	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
4	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
34	9

1 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

taraftarium24com.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:804::2009 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4f8:151:6117::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ic.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in4.sitekodlari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)

pl154258.alternativecpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

go.onclasrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cobalten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

cameesse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	sitekodlari.com ic.sitekodlari.com ic1.sitekodlari.com Failed in4.sitekodlari.com	40 KB
5	blogger.com www.blogger.com — Cisco Umbrella Rank: 11518	72 KB
4	cameesse.net cameesse.net — Cisco Umbrella Rank: 53288	145 KB
4	blogspot.com taraftarium24com.blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 13795 2.bp.blogspot.com — Cisco Umbrella Rank: 14427	354 KB
3	alternativecpmgate.com pl154258.alternativecpmgate.com
3	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 19364	1 KB
2	cobalten.com cobalten.com	29 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	552 B
1	onclasrv.com 1 redirects go.onclasrv.com	161 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48	2 KB
0	adnimo.com Failed cdn.adnimo.com Failed
34	11

	Domain	Requested by
5	www.blogger.com	taraftarium24com.blogspot.com www.blogger.com
4	cameesse.net	go.onclasrv.com cameesse.net
4	ic.sitekodlari.com	taraftarium24com.blogspot.com
3	pl154258.alternativecpmgate.com	ic.sitekodlari.com
3	resources.blogblog.com	taraftarium24com.blogspot.com
2	cobalten.com	taraftarium24com.blogspot.com go.onclasrv.com
2	2.bp.blogspot.com	taraftarium24com.blogspot.com
1	in4.sitekodlari.com	taraftarium24com.blogspot.com
1	my.rtmark.net	go.onclasrv.com
1	go.onclasrv.com	1 redirects
1	lh3.googleusercontent.com	taraftarium24com.blogspot.com
1	3.bp.blogspot.com	taraftarium24com.blogspot.com
1	taraftarium24com.blogspot.com
0	ic1.sitekodlari.com Failed	ic.sitekodlari.com
0	cdn.adnimo.com Failed	taraftarium24com.blogspot.com
34	15

This site contains links to these domains. Also see Links.

Domain
www.bixspor.kim
2.bp.blogspot.com
www.blogger.com
www.trtspor.com.tr
taraftarium24com.blogspot.com.tr
www.sitekodlari.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ic.sitekodlari.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
alternativecpmgate.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
cameesse.net R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
in4.sitekodlari.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
cobalten.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://taraftarium24com.blogspot.com/
Frame ID: 754C51729AB999A4CE58CCEF7F4C79B2
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Taraftarium24 Ligtv İzle, Taraftarium24 Bedava Maç İzle, Beinsports,Taraftarium24 Ligtv İzle, Taraftarium24 Bedava Maç İzle, Beinsports,

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Page Statistics

34
Requests

79 %
HTTPS

44 %
IPv6

11
Domains

15
Subdomains

9
IPs

4
Countries

644 kB
Transfer

1204 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bixspor.kim/2017/12/taraftarium24-canl-mac-izle.html

Search URL Search Domain Scan URL

URL: https://2.bp.blogspot.com/-v9S6Ntg9z0k/WfJBruUmlsI/AAAAAAAAAAg/LQXg7LmW4_YQQ4QvpAFDJP_h74IgHli4gCPcBGAYYCw/s1600/indir.jpg

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=4931344575091848306&postID=4590811037600142661&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4931344575091848306&postID=4590811037600142661&target=email
Title: Bunu E-postayla Gönder

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4931344575091848306&postID=4590811037600142661&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4931344575091848306&postID=4590811037600142661&target=twitter
Title: Twitter'da Paylaş

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4931344575091848306&postID=4590811037600142661&target=facebook
Title: Facebook'ta Paylaş

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=4931344575091848306&postID=4590811037600142661&target=pinterest
Title: Pinterest'te Paylaş

Search URL Search Domain Scan URL

URL: http://www.trtspor.com.tr/

Search URL Search Domain Scan URL

URL: http://taraftarium24com.blogspot.com.tr/
Title: Taraftarium24

Search URL Search Domain Scan URL

URL: http://www.sitekodlari.com/sporhaberlerikodu.php

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://go.onclasrv.com/apu.php?zoneid=438866 HTTP 302
https://cobalten.com/apu.php?zoneid=438866

34 HTTP transactions
-4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
taraftarium24com.blogspot.com/ 38 KB
10 KB 207ms
154ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3fdf735e1061e98bf909b3f9663221138e39096f28891a60c40e14035f04288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 9594
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 13:20:03 GMT
etag: W/"52f43c35cc9338ad7b5fc5dae6ca4985024710a0636107c69b4bca905abc7051"
expires: Mon, 04 Dec 2023 13:20:03 GMT
last-modified: Sun, 12 Mar 2023 11:13:04 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 54ms
13ms Stylesheet
text/css 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 05:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:58:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 01 Dec 2024 05:56:52 GMT

GET
H2 200 cooltext263717072626212.png
3.bp.blogspot.com/-WpcYhjHqslg/WfI4rKSmdTI/AAAAAAAAAAQ/KzsYXKCulLAe7cIOcaPRohqN-IoCojxRQCK4BGAYYCw/s1600/ 112 KB
113 KB 358ms
306ms Image
image/png 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-WpcYhjHqslg/WfI4rKSmdTI/AAAAAAAAAAQ/KzsYXKCulLAe7cIOcaPRohqN-IoCojxRQCK4BGAYYCw/s1600/cooltext263717072626212.png

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d4cde1aed0594a9d30a1fd5ec83e123d9d0d57d8bd5861ecb3bc1d6b3a4033ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cooltext263717072626212.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114998
x-xss-protection: 0
expires: Tue, 05 Dec 2023 13:20:03 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
684 B 235ms
197ms Stylesheet
text/css 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4931344575091848306&zx=d4a2ae9d-2e08-4350-83aa-1f0ad3b48095

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Mon, 04 Dec 2023 13:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:20:03 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 guY4hhCNl3p2iYYFL-s9z9s4Vf8.gif
2.bp.blogspot.com/-pFjB2pTf2-U/WiLjCZrUoMI/AAAAAAAAAIs/ECdmxTN3ArgRnEHiHzh7HTo2SsxP9SI2QCK4BGAYYCw/s1600/ 220 KB
220 KB 251ms
201ms Image
image/gif 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-pFjB2pTf2-U/WiLjCZrUoMI/AAAAAAAAAIs/ECdmxTN3ArgRnEHiHzh7HTo2SsxP9SI2QCK4BGAYYCw/s1600/guY4hhCNl3p2iYYFL-s9z9s4Vf8.gif

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ee1367582f32c1efac9e0faa1d3b1ff3fae94d92a568c74de5c5bca86dd272e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v8d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="guY4hhCNl3p2iYYFL-s9z9s4Vf8.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225336
x-xss-protection: 0
expires: Tue, 05 Dec 2023 13:20:03 GMT

GET
H2 200 indir.jpg
2.bp.blogspot.com/-v9S6Ntg9z0k/WfJBruUmlsI/AAAAAAAAAAg/LQXg7LmW4_YQQ4QvpAFDJP_h74IgHli4gCPcBGAYYCw/s1600/ 11 KB
11 KB 357ms
308ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-v9S6Ntg9z0k/WfJBruUmlsI/AAAAAAAAAAg/LQXg7LmW4_YQQ4QvpAFDJP_h74IgHli4gCPcBGAYYCw/s1600/indir.jpg

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

42bb4b03563a3ed1b9f9f0f10cc672f755c4116b5cd2e05c5560a452cd785d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="indir.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11392
x-xss-protection: 0
expires: Tue, 05 Dec 2023 13:20:03 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
587 B 63ms
11ms Image
image/gif 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 14:27:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 02 Dec 2023 09:52:32 GMT
server: sffe
age: 168765
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Dec 2023 14:27:18 GMT

GET
H2 200 ALY8t1ttzHlJBYCnudKRk8SLFLKGlbQOwHefnT5j7wZhiUwL6WZEABDaP3oY7dZ8mNlTzuRR5CExuXkmAqQO4hfse8dqwfbpcrlSev7XjHo0mwveSIjmmlgKmoo8HPK2Og=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 2 KB
2 KB 875ms
816ms Image
image/png 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/ALY8t1ttzHlJBYCnudKRk8SLFLKGlbQOwHefnT5j7wZhiUwL6WZEABDaP3oY7dZ8mNlTzuRR5CExuXkmAqQO4hfse8dqwfbpcrlSev7XjHo0mwveSIjmmlgKmoo8HPK2Og=s0-d

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9893b7fb5de950110e568d45cddec12e585952bd832b57500d1d4839f87d1a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:04 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2179
x-xss-protection: 0
expires: Tue, 05 Dec 2023 13:20:04 GMT

GET
H2 200 macsonuclari1.js Show response
ic.sitekodlari.com/ 278 B
327 B 474ms
91ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.sitekodlari.com/macsonuclari1.js
Requested by: Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 39109849cf0bf2f89eeca36a01d78f762909de2703694ce616c594da3abd317e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
content-encoding: br
last-modified: Sun, 25 Jul 2021 13:59:59 GMT
x-accel-version: 0.01
server: nginx
etag: W/"116-5c7f30d6c37dd"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 sporhaberleri2.js Show response
ic.sitekodlari.com/ 278 B
327 B 473ms
90ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.sitekodlari.com/sporhaberleri2.js
Requested by: Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1a670579baea1a1a8a3361879b3addf630dc24bdd1e86e6948544b317d137e0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
content-encoding: br
last-modified: Sun, 25 Jul 2021 14:00:07 GMT
x-accel-version: 0.01
server: nginx
etag: W/"116-5c7f30de2172c"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 yukaricik17.js Show response
ic.sitekodlari.com/ 95 KB
33 KB 558ms
175ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.sitekodlari.com/yukaricik17.js
Requested by: Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5e6d365aa5031a140f8a1b64974699e468d03bbed9dea04f8d12e036ff559491

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
content-encoding: br
last-modified: Sun, 25 Jul 2021 14:00:21 GMT
server: nginx
etag: W/"60fd6e75-17b51"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 sagtusengelleme1.js Show response
ic.sitekodlari.com/ 244 B
319 B 474ms
92ms Script
application/javascript 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.sitekodlari.com/sagtusengelleme1.js
Requested by: Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5ee60b498426f75e37a1061db74116a7a911711866f19e536a39c62310c0e289

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:03 GMT
content-encoding: br
last-modified: Sun, 25 Jul 2021 14:00:05 GMT
x-accel-version: 0.01
server: nginx
etag: W/"f4-5c7f30dc45dea"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 3754116945-widgets.js Show response
www.blogger.com/static/v1/widgets/ 161 KB
58 KB 15ms
14ms Script
text/javascript 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3754116945-widgets.js

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59286
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 23:28:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 30 Nov 2024 22:49:42 GMT

GET w7ke.js
cdn.adnimo.com/code/ 0
0

GET
H2 200 gradients_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 403 B
525 B 17ms
16ms Image
image/png 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/gradients_light.png

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:31:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 23:55:48 GMT
server: sffe
age: 182932
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Dec 2023 10:31:11 GMT

GET
H2 200 body_gradient_tile_light.png
resources.blogblog.com/blogblog/data/1kt/simple/ 95 B
208 B 17ms
17ms Image
image/png 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/simple/body_gradient_tile_light.png

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:11:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 19:57:22 GMT
server: sffe
age: 162496
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 09 Dec 2023 16:11:47 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 27ms
27ms Image
image/png 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:33:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 14:54:48 GMT
server: sffe
age: 243982
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 08 Dec 2023 17:33:41 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 197ms
197ms Stylesheet
text/css 2607:f8b0:4020:804::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4931344575091848306&zx=d4a2ae9d-2e08-4350-83aa-1f0ad3b48095

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2009 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Mon, 04 Dec 2023 13:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:20:03 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 1123ms
17ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: ic.sitekodlari.com
URL: https://ic.sitekodlari.com/macsonuclari1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://taraftarium24com.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 04 Dec 2023 13:20:04 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 12ms
12ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: ic.sitekodlari.com
URL: https://ic.sitekodlari.com/sporhaberleri2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://taraftarium24com.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 04 Dec 2023 13:20:05 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2

200

apu.php Show response
cobalten.com/
Redirect Chain

https://go.onclasrv.com/apu.php?zoneid=438866
https://cobalten.com/apu.php?zoneid=438866

70 KB
27 KB

334ms
163ms

Script
application/javascript

139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalten.com/apu.php?zoneid=438866

Requested by

Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/

Protocol

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4c0218673376719e5187b77fa8acbc28031c5dcf1cf9c46a31010c027fba822d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: b3bb7ccae1f373b45820697ca708681b
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

Redirect headers

date: Mon, 04 Dec 2023 13:20:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: text/html
location: https://cobalten.com/apu.php?zoneid=438866
timing-allow-origin: *
content-length: 138

GET
H2 200 1 Show response
cameesse.net/ 42 KB
16 KB 341ms
158ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/1?z=2582760
Requested by: Host: go.onclasrv.com
URL: https://go.onclasrv.com/apu.php?zoneid=438866
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3fb98ddb35c329c7fa1680e39e0a59706704c6a76af9c7944c9030bc3f78cffe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 856b5fc0cb3484149794763ce3b74a48
pragma: no-cache
date: Mon, 04 Dec 2023 13:20:05 GMT
content-encoding: gzip
x-sc: rBMJvJZqPlJZ6ATYg5-NsXPsQY-7zXJrkcc8fILQyuQuHCJlebgXhaRUjrUOwD0-wuy8j_jcdu5ixQqeDYtbZFknKIw=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
552 B 252ms
80ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=53de1030bcac4c45ae29262798fc0e13

Requested by

Host: go.onclasrv.com
URL: https://go.onclasrv.com/apu.php?zoneid=438866

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

af1b83910a22b46a0c6260c9aefa6fe03b420b6e29d38ec90f8612e3eb7181d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://taraftarium24com.blogspot.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET se1.php
ic1.sitekodlari.com/ 0
0

GET
H/1.1 403
Forbidden 95d762de5ca6721293d645df673ba144.js
pl154258.alternativecpmgate.com/95/d7/62/ 0
0 15ms
15ms Script
application/javascript 173.233.137.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js
Requested by: Host: ic.sitekodlari.com
URL: https://ic.sitekodlari.com/sagtusengelleme1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://taraftarium24com.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 04 Dec 2023 13:20:05 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 yc17.png
in4.sitekodlari.com/yukcik/ 6 KB
6 KB 474ms
88ms Image
image/png 2a01:4f8:151:6117::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://in4.sitekodlari.com/yukcik/yc17.png
Requested by: Host: taraftarium24com.blogspot.com
URL: https://taraftarium24com.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:151:6117::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 37daf0ae1c36b7229b41e405b0143f0ce9bb57a48f99a74877203fb7a8eac61f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:06 GMT
last-modified: Sun, 05 May 2019 09:24:58 GMT
server: nginx
etag: "5cceabea-18cc"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 6348

GET
H2 200 / Show response
cobalten.com/ 2 KB
2 KB 81ms
81ms Fetch
application/json 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cobalten.com/?rb=EvIP6FcMnaeQcbUeD2hCvp6BXTaJE79OXlNwOChzQ97TZxfofqnS9SKiNiCSb4zbIoTQjXojsckOOthfGEHdXN92TLRGy7alJcT7DoMFiAx78RZk7JcjSZhh3YKqYEse58_mSroIZb3w_QHd-2c4Jv5bwfyKU0oa69aSGsksijXjhDreiceJDNmzEE6Jg0M28OAsohx_UPvErQjFW5iCls9VEYqZWOn-xzeRsd92YNp-naFIwiqYJ5HsYyO4CWZaVCF6BnHVBYyAuX7cHjkBibruPIdqy_p3ybmnkOm1SEBWmYp7&request_ab2=0&zoneid=438866&js_build=iclick-v1.637.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=4&pl=https%3A%2F%2Ftaraftarium24com.blogspot.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.637.0&bs=f8db09e1-97fd-4fb7-ab62-fb70e9325ba0&userId=53de1030bcac4c45ae29262798fc0e13&m=link

Requested by

Host: go.onclasrv.com
URL: https://go.onclasrv.com/apu.php?zoneid=438866

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

364d9c30c3f4eeff6b261c8c5bb86c71d3be12164fa1e8a1ea091cd5dae6a2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:20:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: a20c7f431e8f300ba3a7249a807b3361
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://taraftarium24com.blogspot.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 b7af9eee900df9a8aa2af9ad8ee46174 Show response
cameesse.net/27/ 403 KB
128 KB 82ms
81ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174

Requested by

Host: cameesse.net
URL: https://cameesse.net/1?z=2582760

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://taraftarium24com.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 0d9e43bafdf209061de76f39a425b0d9
date: Mon, 04 Dec 2023 13:20:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 06:46:08 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Fri, 24 Dec 2083 06:46:08 GMT

POST
H2 200 9 Show response
cameesse.net/ 7 B
627 B 86ms
85ms XHR
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=2892802&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ftaraftarium24com.blogspot.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&oaid=53de1030bcac4c45ae29262798fc0e13
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/b7af9eee900df9a8aa2af9ad8ee46174
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://taraftarium24com.blogspot.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c3f3093f9e6f0742c3539f7a9073a11b
pragma: no-cache
date: Mon, 04 Dec 2023 13:20:06 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://taraftarium24com.blogspot.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
cameesse.net/ 0
0 237ms
78ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=2892802&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Ftaraftarium24com.blogspot.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&oaid=53de1030bcac4c45ae29262798fc0e13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://taraftarium24com.blogspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://taraftarium24com.blogspot.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Mon, 04 Dec 2023 13:20:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.adnimo.com
URL: https://cdn.adnimo.com/code/w7ke.js

Domain: ic1.sitekodlari.com
URL: http://ic1.sitekodlari.com/se1.php

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cobalten.com/	1970-01-21 01:27:12	Name: OAID Value: 53de1030bcac4c45ae29262798fc0e13
cobalten.com/	1970-01-21 01:27:12	Name: oaidts Value: 1701696005
my.rtmark.net/	1970-01-21 01:27:12	Name: ID Value: 53de1030bcac4c45ae29262798fc0e13
taraftarium24com.blogspot.com/	1970-01-20 16:41:36	Name: prefetchAd_438866 Value: true
cameesse.net/	1970-01-21 01:27:12	Name: scm Value: 1
cameesse.net/	1970-01-21 01:27:12	Name: oaidts Value: 1701696005
cobalten.com/	1970-01-20 16:51:40	Name: syncedCookie Value: true
cameesse.net/	1970-01-21 01:27:12	Name: OAID Value: 53de1030bcac4c45ae29262798fc0e13

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://taraftarium24com.blogspot.com/(Line 731) Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure frame 'http://www.trtspor.com.tr/puandurumu-ekle/?lig=1&renk=k&baslik=1&resimler=1&a=6'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://ic.sitekodlari.com/macsonuclari1.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ic.sitekodlari.com/macsonuclari1.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ic.sitekodlari.com/macsonuclari1.js Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure frame 'http://ic1.sitekodlari.com/ms1.php'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ic.sitekodlari.com/sporhaberleri2.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ic.sitekodlari.com/sporhaberleri2.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ic.sitekodlari.com/sporhaberleri2.js Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure frame 'http://ic1.sitekodlari.com/sh2.php'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://ic.sitekodlari.com/yukaricik17.js(Line 189) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://go.onclasrv.com/apu.php?zoneid=438866, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ic.sitekodlari.com/yukaricik17.js(Line 189) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://go.onclasrv.com/apu.php?zoneid=438866, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ic.sitekodlari.com/yukaricik17.js(Line 188) Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure frame 'http://ic1.sitekodlari.com/yc1.php'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://ic.sitekodlari.com/sagtusengelleme1.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ic1.sitekodlari.com/se1.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ic.sitekodlari.com/sagtusengelleme1.js Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure script 'http://ic1.sitekodlari.com/se1.php'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://ic.sitekodlari.com/sagtusengelleme1.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://ic1.sitekodlari.com/se1.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ic.sitekodlari.com/sagtusengelleme1.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pl154258.alternativecpmgate.com/95/d7/62/95d762de5ca6721293d645df673ba144.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://taraftarium24com.blogspot.com/ Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure element 'http://in4.sitekodlari.com/yukcik/yc17.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://taraftarium24com.blogspot.com/ Message: Mixed Content: The page at 'https://taraftarium24com.blogspot.com/' was loaded over HTTPS, but requested an insecure element 'http://in4.sitekodlari.com/yukcik/yc17.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
3.bp.blogspot.com
cameesse.net
cdn.adnimo.com
cobalten.com
go.onclasrv.com
ic.sitekodlari.com
ic1.sitekodlari.com
in4.sitekodlari.com
lh3.googleusercontent.com
my.rtmark.net
pl154258.alternativecpmgate.com
resources.blogblog.com
taraftarium24com.blogspot.com
www.blogger.com
cdn.adnimo.com
ic1.sitekodlari.com
139.45.195.8
139.45.197.236
139.45.197.238
139.45.197.242
173.233.137.36
2607:f8b0:4020:804::2009
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2001
2a01:4f8:151:6117::2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd
1a3f7f2cfe5fba958e9df1a38c0980aab5bb21225601ea849f9e6df4afe09f2e
1a670579baea1a1a8a3361879b3addf630dc24bdd1e86e6948544b317d137e0e
364d9c30c3f4eeff6b261c8c5bb86c71d3be12164fa1e8a1ea091cd5dae6a2aa
37daf0ae1c36b7229b41e405b0143f0ce9bb57a48f99a74877203fb7a8eac61f
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974
39109849cf0bf2f89eeca36a01d78f762909de2703694ce616c594da3abd317e
3fb98ddb35c329c7fa1680e39e0a59706704c6a76af9c7944c9030bc3f78cffe
42bb4b03563a3ed1b9f9f0f10cc672f755c4116b5cd2e05c5560a452cd785d48
4c0218673376719e5187b77fa8acbc28031c5dcf1cf9c46a31010c027fba822d
5e6d365aa5031a140f8a1b64974699e468d03bbed9dea04f8d12e036ff559491
5ee60b498426f75e37a1061db74116a7a911711866f19e536a39c62310c0e289
9893b7fb5de950110e568d45cddec12e585952bd832b57500d1d4839f87d1a15
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
af1b83910a22b46a0c6260c9aefa6fe03b420b6e29d38ec90f8612e3eb7181d3
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
d4cde1aed0594a9d30a1fd5ec83e123d9d0d57d8bd5861ecb3bc1d6b3a4033ac
ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044
ee1367582f32c1efac9e0faa1d3b1ff3fae94d92a568c74de5c5bca86dd272e5
f3fdf735e1061e98bf909b3f9663221138e39096f28891a60c40e14035f04288

taraftarium24com.blogspot.com Open in urlscan Pro 2607:f8b0:4020:807::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

79 %HTTPS

44 %IPv6

11 Domains

15 Subdomains

9 IPs

4 Countries

644 kBTransfer

1204 kBSize

8 Cookies

12 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

taraftarium24com.blogspot.com Open in urlscan Pro
2607:f8b0:4020:807::2001 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

79 %
HTTPS

44 %
IPv6

11
Domains

15
Subdomains

9
IPs

4
Countries

644 kB
Transfer

1204 kB
Size

8
Cookies

34 HTTP transactions
-4 data transactions