URL: https://vernouepalenstithe.ml/
Submission Tags: krdtest
Submission: On September 28 via api from JP — Scanned from DE

Summary

This website contacted 7 IPs in 6 countries across 7 domains to perform 9 HTTP transactions. The main IP is 104.21.84.41, located in and belongs to CLOUDFLARENET, US. The main domain is vernouepalenstithe.ml.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.
This is the only time vernouepalenstithe.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.21.84.41 13335 (CLOUDFLAR...)
1 142.250.185.170 15169 (GOOGLE)
1 93.93.104.51 201707 (GOSTREAM)
1 31.192.214.154 51559 (NETINTERN...)
1 178.62.90.122 14061 (DIGITALOC...)
1 89.187.169.122 60068 (CDN77 ^_^)
3 142.250.184.195 15169 (GOOGLE)
9 7
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
1 i4.hurimg.com vernouepalenstithe.ml
1 www.acikgazete.com vernouepalenstithe.ml
1 help724.com vernouepalenstithe.ml
1 icdn.turkiyegazetesi.com.tr vernouepalenstithe.ml
1 fonts.googleapis.com vernouepalenstithe.ml
1 vernouepalenstithe.ml
9 7

This site contains no links.

Subject Issuer Validity Valid
*.vernouepalenstithe.ml
R3
2021-09-27 -
2021-12-26
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
icdn.turkiyegazetesi.com.tr
R3
2021-09-01 -
2021-11-30
3 months crt.sh
help724.com
R3
2021-08-31 -
2021-11-29
3 months crt.sh
acikgazete.com
R3
2021-08-07 -
2021-11-05
3 months crt.sh
*.hurimg.com
AlphaSSL CA - SHA256 - G2
2021-06-02 -
2022-07-04
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://vernouepalenstithe.ml/
Frame ID: FA5395650C5499151DB5E35C22361DC0
Requests: 9 HTTP requests in this frame

Screenshot

Page Title

Bitkileri fotoğraftan tanımlayan mobil uygulama: PictureThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

7
IPs

6
Countries

232 kB
Transfer

270 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vernouepalenstithe.ml/
48 KB
15 KB
Document
General
Full URL
https://vernouepalenstithe.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.84.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67a81588ca91a90ffcdff0e7c7108602bc0e2707be7efdb43548d9c7ba2919b

Request headers

:method
GET
:authority
vernouepalenstithe.ml
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 28 Sep 2021 05:04:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
ch1c=b
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7lI0etUn97nPy2I0RQeYzyWudmdI0megf4FaSNGoQ9gYuCUCaPA5nQr5Z2ygTiSmCGz92MnpSs8rBZH7I3LltLWUKxXmNiHqeYyrYUyfrgi54xQX%2FgSxcvph7lA%2FtAnsx7SrotbSH8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
695a6f07de593b6d-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: vernouepalenstithe.ml
URL: https://vernouepalenstithe.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
db65b6dc8f89c8b766feed64ee54961c71e3cf90bb653c8a2a09efa356a92d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vernouepalenstithe.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 04:31:10 GMT
server
ESF
date
Tue, 28 Sep 2021 05:04:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Sep 2021 05:04:55 GMT
2018-ogretmen-il-ici-atama-sonuclari-aciklandi-il-ici-tayin-sonuclari-sorgula-og-1527675545.jpg
icdn.turkiyegazetesi.com.tr/images/haberler/2018_05/buyuk/
60 KB
61 KB
Image
General
Full URL
https://icdn.turkiyegazetesi.com.tr/images/haberler/2018_05/buyuk/2018-ogretmen-il-ici-atama-sonuclari-aciklandi-il-ici-tayin-sonuclari-sorgula-og-1527675545.jpg
Requested by
Host: vernouepalenstithe.ml
URL: https://vernouepalenstithe.ml/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.104.51 , Netherlands, ASN201707 (GOSTREAM, NL),
Reverse DNS
Software
GoStream /
Resource Hash
1a468d6db53b9040cd7645b2d5c64e77404405e7a09d2217d5a281124c5017b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vernouepalenstithe.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 05:04:55 GMT
last-modified
Wed, 30 May 2018 10:19:05 GMT
server
GoStream
gostream-edge-location
icdn.turkiyegazetesi.com.tr
gostream-cache-ip
cache.gostreamcdn.net
etag
"5b0e7a99-f1e8"
content-type
image/jpeg
expires
Sun, 10 Oct 2021 05:04:55 GMT
cache-control
max-age=1036800, public, must-revalidate, proxy-revalidate
x-gostream-cache-status
HIT
gostream-cache-location
123.gostreamcdn.net
accept-ranges
bytes
content-length
61928
x-gostream-maincache-status
HIT
gostream-edge-ip
cdnde-a.gostreamcdn.net
Ba%C5%9Fkas%C4%B1n%C4%B1n-Mesajlar%C4%B1n%C4%B1-Nas%C4%B1l-Okurum-WhatsApp-ve-Skype-1.jpg
help724.com/wp-content/uploads/2018/02/
23 KB
24 KB
Image
General
Full URL
https://help724.com/wp-content/uploads/2018/02/Ba%C5%9Fkas%C4%B1n%C4%B1n-Mesajlar%C4%B1n%C4%B1-Nas%C4%B1l-Okurum-WhatsApp-ve-Skype-1.jpg
Requested by
Host: vernouepalenstithe.ml
URL: https://vernouepalenstithe.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.192.214.154 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
154fd4ww3.guzel.net.tr
Software
LiteSpeed /
Resource Hash
eb55c60f73816be106fbb9fb34773d453783f724e5241250b758dd56f65f462d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vernouepalenstithe.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 05:04:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Jan 2021 23:56:26 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/webp
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
cache-control
public, max-age=604800
accept-ranges
bytes
vary
User-Agent
content-length
24056
x-xss-protection
1; mode=block
expires
Tue, 05 Oct 2021 05:04:54 GMT
a-15.jpg
www.acikgazete.com/wp-content/uploads/2020/05/
27 KB
27 KB
Image
General
Full URL
https://www.acikgazete.com/wp-content/uploads/2020/05/a-15.jpg
Requested by
Host: vernouepalenstithe.ml
URL: https://vernouepalenstithe.ml/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.62.90.122 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
605153.cloudwaysapps.com
Software
nginx /
Resource Hash
b60139564c0eafd8929402a57a2a2c76d1bfdabe48ae1bb27c847bcf0f53c05d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vernouepalenstithe.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 05:04:55 GMT
last-modified
Sat, 29 May 2021 00:23:37 GMT
server
nginx
etag
"60b18989-6c35"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27701
expires
Thu, 28 Oct 2021 05:04:55 GMT
5e3927d4c9de3d16dc3c4599.jpg
i4.hurimg.com/i/hurriyet/75/750x422/
28 KB
28 KB
Image
General
Full URL
https://i4.hurimg.com/i/hurriyet/75/750x422/5e3927d4c9de3d16dc3c4599.jpg
Requested by
Host: vernouepalenstithe.ml
URL: https://vernouepalenstithe.ml/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.122 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-122.cdn77.com
Software
MerlinCDN /
Resource Hash
350fb90258a5ea68f5d65a0bb5d654161fdc97020e652589d94bd30633fe24ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vernouepalenstithe.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 05:04:55 GMT
via
HTTP/2.0 Merlin CDN
server
MerlinCDN
age
58650
x-midtier
de-fra-dp-s01
allow
GET, HEAD
content-type
image/webp
x-edge
de-fra-dp-s02
cache-control
max-age=31536000
x-ecache
HIT
accept-ranges
bytes
content-length
28720
x-mcache
MISS
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vernouepalenstithe.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 08:53:13 GMT
x-content-type-options
nosniff
age
504702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27240
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:06:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 08:53:13 GMT
jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v7/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
a1bfa93165e5e460e37883ea167cdf8b99b7c618f45019b43b00fa102474ab74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vernouepalenstithe.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 01:26:07 GMT
x-content-type-options
nosniff
age
13128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30536
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:05:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 01:26:07 GMT
jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2
fonts.gstatic.com/s/librefranklin/v7/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
79f5419113463682118197e02b8353aa2daec64ebcacf0b61b204645539177bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vernouepalenstithe.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:49:55 GMT
x-content-type-options
nosniff
age
461700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18752
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:05:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 20:49:55 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Domain/Path Name / Value
vernouepalenstithe.ml/ Name: ch1c
Value: b