URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Submission: On August 18 via manual from IL

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3035::6815:58e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is hero-turko.com.
TLS certificate: Issued by R3 on August 6th 2021. Valid for: 3 months.
This is the only time hero-turko.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 184.30.24.121 16625 (AKAMAI-AS)
2 4 195.82.147.248 47105 (DREAMTORR...)
2 194.106.198.130 60546 (EUROUTING)
2 18.208.5.78 14618 (AMAZON-AES)
1 2.18.235.40 16625 (AKAMAI-AS)
20 8
Domain Requested by
10 hero-turko.com hero-turko.com
2 efreecode.com hero-turko.com
2 uploadgig.com hero-turko.com
2 i114.fastpic.org hero-turko.com
2 i114.fastpic.ru 2 redirects
2 s7.addthis.com hero-turko.com
1 z.moatads.com s7.addthis.com
1 code.jquery.com hero-turko.com
20 8
Subject | Issuer | Validity | Valid
*.hero-turko.com | R3 | 2021-08-06 - 2021-11-04 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-04-25 - 2022-04-27 | a year
fastpic.org | R3 | 2021-07-25 - 2021-10-23 | 3 months
*.uploadgig.com | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-11-11 - 2021-12-12 | a year
t1.extreme-dm.com | R3 | 2021-07-30 - 2021-10-28 | 3 months
moatads.com | DigiCert SHA2 Secure Server CA | 2021-01-21 - 2022-01-25 | a year

This page contains 1 frames:

Primary Page: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Frame ID: 70351598E1FD3CBA37C2431529610975
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

  • Requests: 20
  • HTTPS: 100 %
  • IPv6: 29 %
  • Domains: 8
  • Subdomains: 8
  • IPs: 8
  • Countries: 5
  • Transfer: 368 kB
  • Size: 908 kB
  • Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://i114.fastpic.ru/big/2021/0506/09/1868e5ed20241c615f6ab09e2bdaa909.jpeg HTTP 301
  • https://i114.fastpic.org/big/2021/0506/09/1868e5ed20241c615f6ab09e2bdaa909.jpeg
Request Chain 7
  • https://i114.fastpic.ru/big/2021/0506/1f/c88d2263884f55cfd1d6b9cb1bd4621f.jpeg HTTP 301
  • https://i114.fastpic.org/big/2021/0506/1f/c88d2263884f55cfd1d6b9cb1bd4621f.jpeg

20 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request 394285-autopsy-basics-and-hands-on-8-hours.html
hero-turko.com/tutorials/
23 KB
7 KB
Document
General
Full URL
https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c582b98c583a8151e11f1e73a2f4f482d798f64217f0ac49fb2c7f52a07fbab9

Request headers

:method
GET
:authority
hero-turko.com
:scheme
https
:path
/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
pragma
no-cache
set-cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84; path=/; secure; HttpOnly
x-mod-pagespeed
1.13.35.2-0
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLxYGm3WBlBpSkrIFJ%2F9UkONbOet9eyGPs9R6R4%2FILK5OEryAjGV0KmOJ0Qa45R%2BLujsd%2BLyz30ZZRIVz%2BGrPADqT81mLLl6Naac9TUDkFjgd84KNyKsmFU6Kn3tI37jxCOA4ryQTKueQcToeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
680b5f941c493248-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cufon-yui.js+newmedia.font.js+function.js.pagespeed.jc.oBtdkZPN-Q.js
hero-turko.com/templates/heroturko/js/
38 KB
14 KB
Script
General
Full URL
https://hero-turko.com/templates/heroturko/js/cufon-yui.js+newmedia.font.js+function.js.pagespeed.jc.oBtdkZPN-Q.js
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077d8e45d4b162c80318f256afcf6d59fbae1a189baccfe513dfe6c91389c5e9

Request headers

:path
/templates/heroturko/js/cufon-yui.js+newmedia.font.js+function.js.pagespeed.jc.oBtdkZPN-Q.js
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hero-turko.com
referer
https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
36625
age
523481
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 12 Aug 2021 11:41:47 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emHQhdSOaPhfGLRepfjzOxjDGBr%2F6nNRguObJmHaerTYbN589jEtT4luEMIlZBiUw04E4CVS6Z3xOlPu7MYIoNabtv4VKxTZqY61YTFBuMx3A%2BMW4v5PWSDF13p5V1KddOQDW7jI%2BTTcgA7S7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
680b5f9a2dc42fa5-FRA
expires
Fri, 12 Aug 2022 11:41:47 GMT
jquery-1.4.3.min.js
code.jquery.com/
76 KB
26 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.4.3.min.js
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f800b399e5c7a5254fc66bb407117fe38dbde0528780e68c9f7c87d299f8486a

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
"54499a47-12fb2"
vary
Accept-Encoding
x-hw
1629292133.dop205.fr8.t,1629292133.cds280.fr8.hc,1629292133.cds208.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
26745
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Wed, 18 Aug 2021 13:08:53 GMT
x-host
s7.addthis.com
content-length
116325
A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf...
hero-turko.com/
78 KB
26 KB
Stylesheet
General
Full URL
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e3d2493beb09c34d32676a75e86994b495e7b2f35227485bcc0c9430bc6ae5

Request headers

:path
/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hero-turko.com
referer
https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
87357
age
519208
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 12 Aug 2021 12:55:14 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEfm6Yo9JNHPW4GNpn%2FZfbyZ9LJWA9IH%2FyUUIe8x5pCkbpBiEhd2GxoCEXpb8754F2blcF8t2peCOrtwDj0bGTCJ5HdLjN3VDrnAqpeERMYEcdrkHOZz8MJb5O6o2yaXqr3fljFc7QElpOfsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
680b5f9a2dc22fa5-FRA
expires
Fri, 12 Aug 2022 12:55:14 GMT
index.php,qg=general,av=27.pagespeed.jm.pJg2D_p7ze.js
hero-turko.com/engine/classes/min/
84 KB
31 KB
Script
General
Full URL
https://hero-turko.com/engine/classes/min/index.php,qg=general,av=27.pagespeed.jm.pJg2D_p7ze.js
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a77b39749094c8cee18f51d59ee83b96e67a6ffea0ae9b60cf56955002175a

Request headers

:path
/engine/classes/min/index.php,qg=general,av=27.pagespeed.jm.pJg2D_p7ze.js
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hero-turko.com
referer
https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
85578
age
523481
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 12 Aug 2021 11:36:23 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgGmK6HH%2FSSaQtm4LZKwkxilPrOP3rAFXenMlEARREMpYp0kJyU4occZGtAb6FyMkPZJ9HtuJOk7W4fdc3qKSJ2f2oZ9LJCSEeSTp3oM0yrOmm9cRGswuxU%2FrQeJRKn2%2BkrT%2F1BawOhHYJ7ypA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
680b5f9a2dc72fa5-FRA
expires
Fri, 12 Aug 2022 11:36:23 GMT
index.php
hero-turko.com/engine/classes/min/
152 KB
43 KB
Script
General
Full URL
https://hero-turko.com/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/masha/masha.js&v=27
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3de4fd2c214dbc0c16ea5e07127e301b6bcc9b081b340d9d45a21bb3996114
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/masha/masha.js&v=27
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hero-turko.com
referer
https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 06 Nov 2019 17:34:56 GMT
server
cloudflare
etag
W/"pub1573061696;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13WUu9p%2BBU8EdCXWlhxeRjm7EoSsj9Vr8h%2FLxtIjPA4kpds7Vqxb3EpPBq4ZDYHkJtx70GdeINBQhrHT%2Bd94o73KTA2qYziKHSYUxQXdQVdIgOSl%2F4Ieb%2FxpUiLb%2Fy0Q0ginZDoHt3PB7ECiRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache
cf-ray
680b5f9a7e4e2fa5-FRA
expires
Thu, 18 Aug 2022 12:59:24 GMT
1868e5ed20241c615f6ab09e2bdaa909.jpeg
i114.fastpic.org/big/2021/0506/09/
Redirect Chain
  • https://i114.fastpic.ru/big/2021/0506/09/1868e5ed20241c615f6ab09e2bdaa909.jpeg
  • https://i114.fastpic.org/big/2021/0506/09/1868e5ed20241c615f6ab09e2bdaa909.jpeg
14 KB
14 KB
Image
General
Full URL
https://i114.fastpic.org/big/2021/0506/09/1868e5ed20241c615f6ab09e2bdaa909.jpeg
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.147.248 , Russian Federation, ASN47105 (DREAMTORRENT-CORP-AS, RU),
Reverse DNS
Software
openresty /
Resource Hash
eb37eaf86cb300c1dba92237c1aadf26e9eb014a2de16347980dc650d4043b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
last-modified
Thu, 06 May 2021 07:16:18 GMT
server
openresty
etag
"609397c2-368d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
13965

Redirect headers

location
https://i114.fastpic.org/big/2021/0506/09/1868e5ed20241c615f6ab09e2bdaa909.jpeg
date
Wed, 18 Aug 2021 13:08:53 GMT
server
openresty
content-length
166
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
c88d2263884f55cfd1d6b9cb1bd4621f.jpeg
i114.fastpic.org/big/2021/0506/1f/
Redirect Chain
  • https://i114.fastpic.ru/big/2021/0506/1f/c88d2263884f55cfd1d6b9cb1bd4621f.jpeg
  • https://i114.fastpic.org/big/2021/0506/1f/c88d2263884f55cfd1d6b9cb1bd4621f.jpeg
22 KB
22 KB
Image
General
Full URL
https://i114.fastpic.org/big/2021/0506/1f/c88d2263884f55cfd1d6b9cb1bd4621f.jpeg
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.147.248 , Russian Federation, ASN47105 (DREAMTORRENT-CORP-AS, RU),
Reverse DNS
Software
openresty /
Resource Hash
f9fe8cdce217ee8293dc472515f2cfa55560356d292680c9d1d6f2fa85090f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
last-modified
Thu, 06 May 2021 07:16:19 GMT
server
openresty
etag
"609397c3-57e6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
22502

Redirect headers

location
https://i114.fastpic.org/big/2021/0506/1f/c88d2263884f55cfd1d6b9cb1bd4621f.jpeg
date
Wed, 18 Aug 2021 13:08:53 GMT
server
openresty
content-length
166
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
iIRT8d.gif
uploadgig.com/static/d5fw/
16 KB
16 KB
Image
General
Full URL
https://uploadgig.com/static/d5fw/iIRT8d.gif
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.106.198.130 , United Kingdom, ASN60546 (EUROUTING, NL),
Reverse DNS
hosted-by.eurouting.com
Software
nginx /
Resource Hash
949b56bc816ef1b87104a50513ab9e618c1979cf026d065b1f4b3aa14af3f66b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 13:08:53 GMT
Last-Modified
Wed, 15 Jun 2016 14:33:15 GMT
Server
nginx
ETag
"5761672b-3e2a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15914
xcanvas.png.pagespeed.ic.LZZGMhs6sf.webp
hero-turko.com/templates/heroturko/images/
2 KB
2 KB
Image
General
Full URL
https://hero-turko.com/templates/heroturko/images/xcanvas.png.pagespeed.ic.LZZGMhs6sf.webp
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e133e27c40e2d9a8b1fb57f8595666dc98a746ba275a5fd31a827c6cc7aebfbf

Request headers

:path
/templates/heroturko/images/xcanvas.png.pagespeed.ic.LZZGMhs6sf.webp
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hero-turko.com
referer
https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
7207
age
507498
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1634
last-modified
Thu, 12 Aug 2021 15:50:56 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t1PdZCjYS26dxiBSiOCCn4Xe7df1JQL%2BH80Ps16gk4t03AF12GZ7bxV418QcsieGpyzxkM76nF4CRu5Eww3VVHmkYr1bZMdS1UsUgIEE0cx%2F5o%2FvsP374lmWltvYQf0RjstJopZgP0xWXJ%2Fwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
680b5f9aaea12fa5-FRA
link
<http://hero-turko.com/templates/heroturko/images/canvas.png>; rel="canonical"
expires
Fri, 12 Aug 2022 15:50:56 GMT
lg-share-en.gif
s7.addthis.com/static/btn/v2/
2 KB
2 KB
Image
General
Full URL
https://s7.addthis.com/static/btn/v2/lg-share-en.gif
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
a277c82c1e9592fcdbb1b3e6c31232f92d90ec761e5b7ecb4e1ec4c9a4f7af4c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-68b"
content-type
image/gif
cache-control
public, max-age=86313600
date
Wed, 18 Aug 2021 13:08:53 GMT
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
1675
5b4rj_b.gif
uploadgig.com/static/d5fw/
24 KB
24 KB
Image
General
Full URL
https://uploadgig.com/static/d5fw/5b4rj_b.gif
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.106.198.130 , United Kingdom, ASN60546 (EUROUTING, NL),
Reverse DNS
hosted-by.eurouting.com
Software
nginx /
Resource Hash
e81174b649cea96d0934490d64d42f10a131599a6ae05a1ad5486ae80b6ded94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 13:08:53 GMT
Last-Modified
Wed, 15 Jun 2016 14:33:16 GMT
Server
nginx
ETag
"5761672c-60b6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24758
js.js
efreecode.com/
4 KB
3 KB
Script
General
Full URL
https://efreecode.com/js.js
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-5-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f70dfb04db96877ea2e3abd371506cc717a68b3a2cbc3428ad7b8678462d06ce

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 13:08:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 12:31:11 GMT
Server
nginx
ETag
"5fb2710f-980"
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Content-Length
2432
Expires
Wed, 18 Aug 2021 19:08:53 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=36714
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
xbg.png.pagespeed.ic.1BYb0-8Lyp.webp
hero-turko.com/templates/heroturko/i/
2 KB
3 KB
Image
General
Full URL
https://hero-turko.com/templates/heroturko/i/xbg.png.pagespeed.ic.1BYb0-8Lyp.webp
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e5d59a6ab759715dbef00b71854bcb530dd4232293358d39efb1a04f9e8e00d

Request headers

:path
/templates/heroturko/i/xbg.png.pagespeed.ic.1BYb0-8Lyp.webp
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hero-turko.com
referer
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
3155
age
521520
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2546
last-modified
Thu, 12 Aug 2021 12:06:29 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1fz7BmRd%2BGYIbuBG%2Bj3bOfKSbNHbC3RQfY9eBk2DZBWHDrU0lRRGZHnzI9H4NaK%2FNgU4zQE8IjOXsUwShr6pZ0XZlTP86rW9pAVrjxJKMIkps9VHBkE27peTmMJGvmfvUOaJxPpVLrifb%2F%2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
680b5f9aaea72fa5-FRA
link
<http://hero-turko.com/templates/heroturko/i/bg.png>; rel="canonical"
expires
Fri, 12 Aug 2022 12:06:29 GMT
xsprite.png.pagespeed.ic.OsCNt97fvL.webp
hero-turko.com/templates/heroturko/i/
15 KB
16 KB
Image
General
Full URL
https://hero-turko.com/templates/heroturko/i/xsprite.png.pagespeed.ic.OsCNt97fvL.webp
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e76f5f48fc7d4ec18d0ac406b5cdca671162955d242a9dd0d823ab66c6594c8

Request headers

:path
/templates/heroturko/i/xsprite.png.pagespeed.ic.OsCNt97fvL.webp
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hero-turko.com
referer
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
18703
age
519208
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15214
last-modified
Thu, 12 Aug 2021 12:44:46 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSZmwU9MWZ1okZfYNpmc2fyEu0AOmDg1eZGiN%2FYI4LHVWyZhDNNJUhKs7RCBbN7UWzOq9fH4fboo7%2BR7XGn5V%2FWYsDLiVktgudqVa8k63OZBKoEa5DKHFZUIQ1K%2BEVhI9zzl1yoapLpvUZvCXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
680b5f9aaea82fa5-FRA
link
<http://hero-turko.com/templates/heroturko/i/sprite.png>; rel="canonical"
expires
Fri, 12 Aug 2022 12:44:46 GMT
xcbg.png.pagespeed.ic.GWNIHUe-4R.webp
hero-turko.com/templates/heroturko/i/
814 B
1 KB
Image
General
Full URL
https://hero-turko.com/templates/heroturko/i/xcbg.png.pagespeed.ic.GWNIHUe-4R.webp
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c363ac0a9893e761458533bc88c486cd00cf8f41f85d7751561b5f9d525cd2

Request headers

:path
/templates/heroturko/i/xcbg.png.pagespeed.ic.GWNIHUe-4R.webp
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hero-turko.com
referer
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
914
age
521520
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
814
last-modified
Thu, 12 Aug 2021 11:43:51 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OpD6odJGHJDR%2BhcEt990WfFa%2F7GrtN%2FgGPN18Jc7d1Xey4wMwxmINH1%2FysSbqeE2EfsEy4zCE07Xntlu6QJp3lPfz8zzP9Z5X0HTibHhVSz7Rqy3tBiUNWVtMP4Q%2FtE%2F0%2FadvCYF3MkLRnlHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
680b5f9aaea92fa5-FRA
link
<http://hero-turko.com/templates/heroturko/i/cbg.png>; rel="canonical"
expires
Fri, 12 Aug 2022 11:43:51 GMT
xmarker.png.pagespeed.ic.KqjmzMvP-T.webp
hero-turko.com/templates/heroturko/dleimages/
1 KB
2 KB
Image
General
Full URL
https://hero-turko.com/templates/heroturko/dleimages/xmarker.png.pagespeed.ic.KqjmzMvP-T.webp
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:58e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47fe39a648e10e14672cdc8543be821e97560ab93bd5089c67cdd7646d395ed

Request headers

:path
/templates/heroturko/dleimages/xmarker.png.pagespeed.ic.KqjmzMvP-T.webp
pragma
no-cache
cookie
PHPSESSID=0khiddn930q2kcu5atg436ae84; __atuvc=1%7C33; __atuvs=611d066529eee11c000
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hero-turko.com
referer
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hero-turko.com/A.templates,,_heroturko,,_css,,_main.css+templates,,_heroturko,,_css,,_engine.css+engine,,_classes,,_min,,_index.php,,qf==engine,,_editor,,_css,,_default.css,,av==27,Mcc.rBePmIuTm1.css.pagespeed.cf.TLaNEGtjk5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 13:08:53 GMT
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
1883
age
521519
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1232
last-modified
Thu, 12 Aug 2021 12:02:18 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHl9t1PqdXLeFjeGZy6AUqHPKKfeM4WV4Z5B3pBopxakIeRDm1nelceSggebUfHRK%2FtQhZyeF1pw7fcOHGeOov%2BNeAT4SO%2Bzgri52KgqGHB9NvPIVJAR02Y6hubTgbMp%2FQNM35TfLAWNMgYyiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
680b5f9b48672fa5-FRA
link
<http://hero-turko.com/templates/heroturko/dleimages/marker.png>; rel="canonical"
expires
Fri, 12 Aug 2022 12:02:18 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
881429761e5e2ab2c861f937308d7b278236ee41f06c0402b061a5d70c49c176

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
s9.g
efreecode.com/
43 B
224 B
Image
General
Full URL
https://efreecode.com/s9.g?login=hero99&srw=1600&srh=1200&jv=false&j=y&srb=24&l=
Requested by
Host: hero-turko.com
URL: https://hero-turko.com/tutorials/394285-autopsy-basics-and-hands-on-8-hours.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-5-78.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://hero-turko.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 13:08:53 GMT
Cache-Control
no-store,must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif


136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| mod_pagespeed_NGDo8awtt1 string| mod_pagespeed_LBzLTctmXK string| mod_pagespeed_QksRXLpFqU function| Cufon function| $ function| jQuery function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto string| dle_root string| dle_admin string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg string| dle_min_search object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt string| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_c_title string| dle_complaint string| dle_mail string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree string| dle_captcha_type boolean| allow_dle_delete_news function| _init function| _open object| c_cache object| dle_poll_voted function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| ajax_fast_reply function| DLESendPM function| dle_reply function| doAddComments function| isHistoryApiAvailable function| 
CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| subscribe function| media_upload function| dropdownmenu function| hidemenu function| delayhidemenu function| clearhidemenu function| updateSharePopupContent function| StripHTML function| showSharePopup function| hideSharePopup function| MaSha function| MultiMaSha object| addthis_config object| addthis_share boolean| __@@##MUH function| ETFreeGetStyle function| ETFreetrackercode

3 Cookies

Domain/Path Name / Value
hero-turko.com/ Name: __atuvc
Value: 1%7C33
hero-turko.com/ Name: __atuvs
Value: 611d066529eee11c000
hero-turko.com/ Name: PHPSESSID
Value: 0khiddn930q2kcu5atg436ae84

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
