estatediscoveryturkey.online Open in urlscan Pro
51.250.38.59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://estatediscoveryturkey.online/
Submission: On June 07 via api (June 7th 2023, 8:05:16 am UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 40 HTTP transactions. The main IP is 51.250.38.59, located in Russian Federation and belongs to YANDEXCLOUD, RU. The main domain is estatediscoveryturkey.online.
TLS certificate: Issued by R3 on June 5th 2023. Valid for: 3 months.

This is the only time estatediscoveryturkey.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.250.38.59 51.250.38.59	200350 (YANDEXCLOUD) (YANDEXCLOUD)
17	212.193.146.52 212.193.146.52	34879 (CCT-AS NG...) (CCT-AS NGENIX)
2	54.220.192.176 54.220.192.176	16509 (AMAZON-02) (AMAZON-02)
5 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:18d::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
40	12

1 51.250.38.59 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

estatediscoveryturkey.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 212.193.146.52 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net

cdn.mrqz.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.192.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com

marquiz-backend.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:18d::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

hgwipn3sa-res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mrqz.me cdn.mrqz.me — Cisco Umbrella Rank: 544640	871 KB
9	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9496	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	135 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3244	74 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	216 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
2	cloudinary.com hgwipn3sa-res.cloudinary.com — Cisco Umbrella Rank: 396732	208 KB
2	herokuapp.com marquiz-backend.herokuapp.com — Cisco Umbrella Rank: 411236	682 B
1	google.de www.google.de — Cisco Umbrella Rank: 5056	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 121	358 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	47 KB
1	estatediscoveryturkey.online estatediscoveryturkey.online	38 KB
40	13

	Domain	Requested by
17	cdn.mrqz.me	estatediscoveryturkey.online cdn.mrqz.me
9	mc.yandex.com	3 redirects estatediscoveryturkey.online cdn.mrqz.me
3	connect.facebook.net	cdn.mrqz.me connect.facebook.net
3	mc.yandex.ru	2 redirects cdn.mrqz.me
2	www.facebook.com	estatediscoveryturkey.online
2	www.google-analytics.com	www.googletagmanager.com cdn.mrqz.me
2	hgwipn3sa-res.cloudinary.com	estatediscoveryturkey.online
2	marquiz-backend.herokuapp.com	cdn.mrqz.me
1	www.google.de	estatediscoveryturkey.online
1	www.google.com	estatediscoveryturkey.online
1	stats.g.doubleclick.net	cdn.mrqz.me
1	www.googletagmanager.com	cdn.mrqz.me
1	estatediscoveryturkey.online
40	13

This site contains links to these domains. Also see Links.

Domain
www.marquiz.ru

Subject Issuer	Validity	Valid
estatediscoveryturkey.online R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
*.mrqz.me GlobalSign GCC R3 DV TLS CA 2020	`2022-09-10` - `2023-10-12`	a year	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-17` - `2023-06-15`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-12-05` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://estatediscoveryturkey.online/
Frame ID: 71E36CE126C4477517004519CD465E5F
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сэкономьте до 80% времени на поиске квартиры в Турции для переезда и инвестиций!

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

40
Requests

93 %
HTTPS

75 %
IPv6

13
Domains

13
Subdomains

12
IPs

5
Countries

1396 kB
Transfer

2586 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.marquiz.ru/?utm_source=widget&utm_content=647daa369960a600254c965a
Title: Marquiz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10027.fhU3vL3lj8HOTWMGU5ORqExfPIPA13N7P4_o_BPhUM-fCxbkQVIdMOC2tY2yiySz.6SzktVvEo34LNhxsyBCLTgjK5oc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10027.Ebe8tBar-DJFwYJIPQTYiwyxK-gK4FgUkmHAOfF_h1yG6kGUSNL2GoAQq4Ajxm_MYCv5IQoqdzO7o7Fiukl9L2kmlTPkBt9njOS3SCZ2al0%2C.pDhxdp2-QPO2fDMZblr_At3YynM%2C

Request Chain 34

https://mc.yandex.com/watch/91761915?wmode=7&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A3322%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A331625325420%3Ahid%3A1005072691%3Az%3A0%3Ai%3A20230607080510%3Aet%3A1686125110%3Ac%3A1%3Arn%3A787434163%3Arqn%3A1%3Au%3A1686125110866019291%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C1991%2C556%2C94%2C0%2C0%2C%2C606%2C0%2C%2C%2C%2C3306%3Aco%3A0%3Acpf%3A1%3Ans%3A1686125106786%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686125111%3At%3A%D0%A1%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%8C%D1%82%D0%B5%20%D0%B4%D0%BE%2080%25%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B5%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D0%B7%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B9!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/91761915/1?wmode=7&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A3322%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A331625325420%3Ahid%3A1005072691%3Az%3A0%3Ai%3A20230607080510%3Aet%3A1686125110%3Ac%3A1%3Arn%3A787434163%3Arqn%3A1%3Au%3A1686125110866019291%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C1991%2C556%2C94%2C0%2C0%2C%2C606%2C0%2C%2C%2C%2C3306%3Aco%3A0%3Acpf%3A1%3Ans%3A1686125106786%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686125111%3At%3A%D0%A1%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%8C%D1%82%D0%B5%20%D0%B4%D0%BE%2080%25%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B5%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D0%B7%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B9%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 35

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10027.cWVwKS8ej4v2CqD9uBF_5GhhyDmaN1VgwYiv-M5j6Ak1Vf9CJz9LbFlFghYd0a0v.Kc91b_FFStCNdptURgGiZ0o9_9M%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10027.aHLiFQ7aAXufWwFppOk7tA0ugT-LKG7grhnCCW_KVzSY0OQLrnNPjhtgt0WP4_-AQ7E5jzHeOzwIh2aqbVqLLQ%2C%2C.Q7zgu2I2Jy1j-xbmhcLmHEWqhAU%2C

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
estatediscoveryturkey.online/ 38 KB
38 KB 2604ms
556ms Document
text/html 51.250.38.59
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://estatediscoveryturkey.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.38.59 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: / Express
Resource Hash: f9f2b896406fda81fbe6c12e63ba5f4f33201938d6ba54a8b4e6352cc9990a3e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 39074
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Jun 2023 08:05:09 GMT
ETag: W/"98a2-SqvhNI9+EGUumIef8BOH8J6Z3l4"
Keep-Alive: timeout=5
X-Powered-By: Express

GET
H2 200 app.bf00d724.css
cdn.mrqz.me/css/ 127 KB
18 KB 373ms
46ms Stylesheet
text/css 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/css/app.bf00d724.css

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

990e74f3c967221a25331e4b3678dbad384ede79c4d3d065609723cfef7f51b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 9f6a623c512f1a1b6fd6b2d4bd697472.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 04 May 2023 10:32:33 GMT
server: nginx
etag: W/"0f7305b23c33f9cba4aeec16238539dc"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: YvfVzZ52yImDGxKoTbIdpn_3hR4JGuROT62Rr_bV96QYRlXKSu__xw==

GET
H2 200 chunk-vendors.54578960.css
cdn.mrqz.me/css/ 403 KB
50 KB 378ms
52ms Stylesheet
text/css 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/css/chunk-vendors.54578960.css

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

14ea4290e6f1ff05510bfadc101692c93814f353e4ca3f70c5fadc5c81ff8614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Wed, 17 May 2023 05:16:44 GMT
server: nginx
etag: W/"37af10a41f447dc25e6eb1f08a9af633"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: HI88f8T2f4ge6hCIILcmvhsqqwqg3pZHXx7ryeUcD_9w4qt0nC6JfQ==

GET
H2 200 app.417b5b55.js Show response
cdn.mrqz.me/js/ 228 KB
69 KB 424ms
97ms Script
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/app.417b5b55.js

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

485e81db1c2af0435f87cdc8256cd23512fcae623388d7bac9dc0145be793047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 4aba10f1ef4bda5f7c1b86a07ca64264.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 01 Jun 2023 04:42:40 GMT
server: nginx
etag: W/"b13512a66cd2ff28a45096676c4dfdb1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: Q8D7PDblOVHla7eNsm_bU_tCmF7MdcAvJTwlM4C4RNQYFbRX8WtP-A==

GET
H2 200 chunk-vendors.951a3e83.js Show response
cdn.mrqz.me/js/ 578 KB
189 KB 483ms
157ms Script
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/chunk-vendors.951a3e83.js

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

ea24ddf8d7f0b19f501d16dc9063c3ac1d67e474e953bc844db22cda8823087a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 8f67e81092ebd47bc649d954af911676.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-ngenix-cache: HIT
last-modified: Wed, 17 May 2023 05:16:44 GMT
server: nginx
etag: W/"b154c61267caeaab69ca8313c25360f4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: jnAMbJsiXGu1C4AnWZ60GUVUI0x6RQRHJDtdzjclduWAV5i22nIn8w==

GET
H2 200 final-page.4bc163b7.css
cdn.mrqz.me/css/ 0
247 KB 95ms
94ms Other
text/css 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/css/final-page.4bc163b7.css

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 d3e98d8cca4d16199794e4f4191b942c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Wed, 17 May 2023 05:16:44 GMT
server: nginx
etag: W/"8c7de0194b0e6cbbd8e872fc36e7ec5a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: MIcuXoY2RnQwYrdhShpdhsOFe9l31aky5n5RU-ce5-WqtZ8-rmJwWg==

GET
H2 200 date~final-page.cbd87993.js
cdn.mrqz.me/js/ 0
4 KB 129ms
129ms Other
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/date~final-page.cbd87993.js

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 28854270ecee3f8e2272bf40b3de08fa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 01 Jun 2023 04:42:40 GMT
server: nginx
etag: W/"c3bbe916202a65d2e8e1e1c4f3e95827"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: cR8SvkUuWp4cYoGpjOf3RKVJzf3lcow9uNUS_qLmf6xFPdWrgUyYhQ==

GET
H2 200 final-page.6eb69f8d.js
cdn.mrqz.me/js/ 0
77 KB 130ms
130ms Other
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/final-page.6eb69f8d.js

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 9e7d825887069100f188900375c625e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 01 Jun 2023 04:42:40 GMT
server: nginx
etag: W/"f5d962e43a96ffcd9cf5a29db4e7a5c9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: S2qLoNxtLS_MNwgGe2_IgD59yWYJmerZa8YGSL5Mj82XtgaguFKWKg==

GET
H2 200 Regular.woff2
cdn.mrqz.me/static/fonts/Gilroy/ 28 KB
28 KB 286ms
45ms Font
font/woff2 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/static/fonts/Gilroy/Regular.woff2

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

25209e0f01765fad0a6331ad3baf3ed94bd0eaed8c26d87694c5a57524a6030d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://estatediscoveryturkey.online/
Origin: https://estatediscoveryturkey.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
via: 1.1 8e24576ebf8b347c902c6c8cb2ee4948.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28260
x-ngenix-cache: HIT
last-modified: Thu, 22 Sep 2022 11:35:36 GMT
server: nginx
etag: "2c8b07ea9c186608d63d64b7dfe9045f"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: pqkYw6mNXck1EjZwgZbqt-1DtyPUlWks_3ONdG3nSbENV9wKjyDZdw==

GET
H2 200 Medium.woff2
cdn.mrqz.me/static/fonts/Gilroy/ 29 KB
29 KB 289ms
48ms Font
font/woff2 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/static/fonts/Gilroy/Medium.woff2

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

6589d27de60e678c3e38f593af996efb1b97d76d374c7b6f7b79fae676bb297a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://estatediscoveryturkey.online/
Origin: https://estatediscoveryturkey.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
via: 1.1 990cfd108795128378d881c92b299b66.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29296
x-ngenix-cache: HIT
last-modified: Thu, 22 Sep 2022 11:35:36 GMT
server: nginx
etag: "dcc50aca38c591ba7746c9ae90a16b67"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Zw4CTKDx16wusVpTlBIPGyagRAvrO0J6BxrGNZWwxhe-ExrJIC88Dw==

GET
H2 200 SemiBold2.woff2
cdn.mrqz.me/static/fonts/Gilroy/ 28 KB
29 KB 326ms
86ms Font
font/woff2 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/static/fonts/Gilroy/SemiBold2.woff2

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

c0eb55048100de95c96b40e8c5bec08f2fc771c3fd96c73d36587bfd0c7a3ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://estatediscoveryturkey.online/
Origin: https://estatediscoveryturkey.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
via: 1.1 b56f9b741cabfa29551ca2899d93a1e8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28892
x-ngenix-cache: HIT
last-modified: Thu, 22 Sep 2022 11:35:36 GMT
server: nginx
etag: "a72293461a122cdc3c8430e8d58a4219"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: tDKwsShc6IbkFZ5Gp0w0u2qcj0-nvr_yvmxh8MzNu5ghr6Uw9AuB2g==

OPTIONS
H/1.1 204
No Content opening
marquiz-backend.herokuapp.com/v1/analytics/ 0
0 138ms
34ms Preflight 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://marquiz-backend.herokuapp.com/v1/analytics/opening?lng=en-US&tz=Etc%2FUnknown
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://estatediscoveryturkey.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://estatediscoveryturkey.online
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Wed, 07 Jun 2023 08:05:10 GMT
Server: Cowboy
Vary: Origin, Access-Control-Request-Headers
Via: 1.1 vegur
X-Powered-By: Express

GET
H2 200 quiz~swiper.eae7cb91.js
cdn.mrqz.me/js/ 0
5 KB 50ms
49ms Other
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/quiz~swiper.eae7cb91.js

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 1be5216f770ec05deb91e9e25b61b898.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
age: 4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 01 Jun 2023 04:42:40 GMT
server: nginx
etag: W/"b8b93578afa323f1d559e018168f030f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: Vo2ccLqSkVw1kaz5j_JT1eVX6dnVywdaZJHsVi5BBSSPOJlgxCHgVA==

GET
H2 200 quiz.d9a41c24.js
cdn.mrqz.me/js/ 0
28 KB 51ms
50ms Other
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/quiz.d9a41c24.js

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 4aba10f1ef4bda5f7c1b86a07ca64264.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
age: 4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 01 Jun 2023 04:42:40 GMT
server: nginx
etag: W/"3be923ad8f69f343c72a52ad6a3862d2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: 71XFrZd87UY2mjGDSXF7buQoKDd8uHOx58inS0jLsXBbqX9ExrwN7g==

GET
H2 200 chunk-3d93b550.694bdfe9.js
cdn.mrqz.me/js/ 0
35 KB 54ms
53ms Other
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/chunk-3d93b550.694bdfe9.js

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 7ddb2b9bba2e00f11b5de58d7aa1249c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Wed, 10 May 2023 10:31:19 GMT
server: nginx
etag: W/"2dc0fb7c8c339709df2bc6cf5b77e87d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: Pzg2GY9rG9W9ziSO_M_9PQqdSLBoggW2KImvGqZ6C8PsvDNBh5jzKw==

GET
H2 200 landing.970e027c.js
cdn.mrqz.me/js/ 0
9 KB 60ms
59ms Other
application/javascript 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mrqz.me/js/landing.970e027c.js

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:09 GMT
content-encoding: gzip
via: 1.1 28854270ecee3f8e2272bf40b3de08fa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL51-P1
age: 4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 01 Jun 2023 04:42:40 GMT
server: nginx
etag: W/"96650a565c0793e4a78f18823142a9b0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: C9EKXVHnSBW7K5DsWmUhpkX80Q6ISM5cp1xfAaqXTB2plyh2zFEU1g==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 214 KB
74 KB 210ms
101ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f4ad169d92e6672202eb340ddc857e11802d10ba2722b80ebe1b5d31371c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 30 May 2023 06:12:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64756982-12485"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74885
expires: Wed, 07 Jun 2023 09:05:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113524925-1

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1965e7d9f42edf1f9c55ae736e2395c81dc73a115b3020a377c9f0d3cbebb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47490
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 08:05:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 26ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/app.417b5b55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 08:05:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lImuexd6QtP1WPs1KMS0wcWeIQfCNYAkT8P9QRL3DbU2kNDWJguR2lWHI7gysbcHqQbOagDhYQQusFIq5aZ2Pg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK opening Show response
marquiz-backend.herokuapp.com/v1/analytics/ 15 B
682 B 58ms
57ms XHR
application/json 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marquiz-backend.herokuapp.com/v1/analytics/opening?lng=en-US&tz=Etc%2FUnknown

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.951a3e83.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-192-176.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://estatediscoveryturkey.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains
Date: Wed, 07 Jun 2023 08:05:10 GMT
X-Content-Type-Options: nosniff
Via: 1.1 vegur
Surrogate-Control: no-store
Connection: keep-alive
Content-Length: 15
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Server: Cowboy
Etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://estatediscoveryturkey.online
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Expires: 0

GET
H2 200 ofpf4uxokckaye8mggm2.png
hgwipn3sa-res.cloudinary.com/image/upload/w_auto,f_auto,q_auto,g_auto,c_fill,h_37,dpr_1/ 2 KB
2 KB 71ms
19ms Image
image/webp 2a02:26f0:6c00:18d::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hgwipn3sa-res.cloudinary.com/image/upload/w_auto,f_auto,q_auto,g_auto,c_fill,h_37,dpr_1/ofpf4uxokckaye8mggm2.png

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:18d::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

f33f662f20f77d795f533f09f643528b02baf69c17c7839956e7e86704a581f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="ofpf4uxokckaye8mggm2.webp"
server-timing: cld-akam;dur=10;start=2023-06-07T08:05:10.114Z;desc=miss,rtt;dur=7,cloudinary;dur=155;start=2023-06-06T12:36:33.887Z
content-length: 1774
last-modified: Thu, 19 Jan 2023 13:47:34 GMT
server: Cloudinary
etag: "a66f53dfd5ced69cda2a6402d440e031"
vary: Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR,Width,Sec-CH-Width
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 marquiz.6c626418.svg
cdn.mrqz.me/img/ 2 KB
2 KB 41ms
41ms Image
image/svg+xml 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mrqz.me/img/marquiz.6c626418.svg

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

2be6141234fd618f7c720812075ea9860cacfa2be8b387d507230200c3712076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
content-encoding: gzip
via: 1.1 78dbcb60ca54760934851cf8d8476f3a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 19
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 22 Sep 2022 11:35:36 GMT
server: nginx
etag: W/"6c6264184bd225ad9cb8a675a48a757b"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: NwOqlrtnKqA8roPFgAgmBY8MhdA5NNkYjnBn7ZngXtOG2i4dKEfHDA==

GET
H2 200 wrq5hday5tcudlthgjn8.jpg
hgwipn3sa-res.cloudinary.com/image/upload/w_1600,f_auto,q_auto,g_auto,c_fill,dpr_1/ 204 KB
205 KB 185ms
153ms Image
image/jpeg 2a02:26f0:6c00:18d::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hgwipn3sa-res.cloudinary.com/image/upload/w_1600,f_auto,q_auto,g_auto,c_fill,dpr_1/wrq5hday5tcudlthgjn8.jpg

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:18d::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

fc7ba4adacd5f050ab6f0a2d19ce68bf900ae461ee6d41549f956d17f909f8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Sat, 07 Jan 2023 17:51:33 GMT
server: Cloudinary
etag: "fb61dc3941dc46d132aaf46f1efc3023"
vary: Accept,User-Agent,Save-Data
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: cld-akam;dur=144;cpu=16;start=2023-06-07T08:05:10.114Z;desc=miss,rtt;dur=7,cloudinary;dur=31;start=2023-06-07T08:05:10.178Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 209217

GET
H2 200 catalog.150ec5dc.png
cdn.mrqz.me/img/ 64 KB
50 KB 113ms
113ms Image
image/png 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mrqz.me/img/catalog.150ec5dc.png

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

f5f28cf8205390047ccf66e29336ba98e9f62edccc8b062779f5ea14a489f8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
via: 1.1 b44f106cb108901846bfcc9a6508c900.cloudfront.net (CloudFront)
content-encoding: gzip
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 37
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-ngenix-cache: HIT
last-modified: Thu, 22 Sep 2022 11:35:36 GMT
server: nginx
etag: W/"150ec5dcdd229722e7bea482ddf9bf70"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-amz-cf-id: hif4BSP7s2PsLj3qeHbbWP4VnvnQloDwOiKKt2uJiBzty6HRLT3dCw==

GET
H2 200 loader.4c98b8f7.svg
cdn.mrqz.me/img/ 815 B
1 KB 115ms
115ms Image
image/svg+xml 212.193.146.52
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mrqz.me/img/loader.4c98b8f7.svg

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/css/app.bf00d724.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.193.146.52 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),

Reverse DNS

cdn.ngenix.net

Software

nginx /

Resource Hash

52bf3dc76bce8ad0316d768f848c31357e34cafc0cc412c390661fad9f4a7f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.mrqz.me/css/app.bf00d724.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
via: 1.1 6da67a85460a493ba4aab4d94239d022.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: HEL50-C1
age: 19
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 815
x-ngenix-cache: HIT
last-modified: Thu, 22 Sep 2022 11:35:36 GMT
server: nginx
etag: "4c98b8f74af51b62c57ed9d900fc54bc"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: tR6YjfPEqBVEQMxAxq_RfJ8KWeDa733ZZLW0l4L739JTeyIwl3RT4w==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 08:05:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kwUqTXg2ld+a9DY5Phrg25892tBBeWFn3dXkasmSb9YIEM9/v3lPmHXZjfhn70cu0iQDuMPId3fR26uiuf2/+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 171150535651701 Show response
connect.facebook.net/signals/config/ 300 KB
87 KB 132ms
132ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/171150535651701?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3d30ddc319da379445a26f612ae28d3ea0c1bdd5a23a128c57af9ecd135711d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Jun 2023 08:05:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: AFYLtmN2Mm10FzDjMllBT9rM1LqmzcymAmhvoKC8gw4e2TDrZB8iaLtSeK8eCTnaEugX48lLLqxZ99jVBmGJaw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 32ms
8ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113524925-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 07:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3622
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 07 Jun 2023 09:04:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
216 B 16ms
15ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1681422952&t=pageview&_s=1&dl=https%3A%2F%2Festatediscoveryturkey.online%2F&ul=en-us&de=UTF-8&dt=Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAIC~&jid=1562220949&gjid=2111537033&cid=749940244.1686125110&tid=UA-113524925-1&_gid=2095521290.1686125110&_r=1&gtm=457e3650&z=838026506

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.951a3e83.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://estatediscoveryturkey.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://estatediscoveryturkey.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
358 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-113524925-1&cid=749940244.1686125110&jid=1562220949&gjid=2111537033&_gid=2095521290.1686125110&_u=YEBAAUAAAAAAACAAIC~&z=1120456388

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.951a3e83.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://estatediscoveryturkey.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Jun 2023 08:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://estatediscoveryturkey.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 44ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-113524925-1&cid=749940244.1686125110&jid=1562220949&_u=YEBAAUAAAAAAACAAIC~&z=53320312

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 41ms
18ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-113524925-1&cid=749940244.1686125110&jid=1562220949&_u=YEBAAUAAAAAAACAAIC~&z=53320312

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10027.fhU3vL3lj8HOTWMGU5ORqExfPIPA13N7P4_o_BPhUM-fCxbkQVIdMOC2tY2yiySz.6SzktVvEo34LNhxsyBCLTgjK5oc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10027.Ebe8tBar-DJFwYJIPQTYiwyxK-gK4FgUkmHAOfF_h1yG6kGUSNL2GoAQq4Ajxm_MYCv5IQoqdzO7o7Fiukl9L2kmlTPkBt9njOS3SCZ2al0%2C.pDhxdp2-QPO2fDMZblr_At3YynM%2C

43 B
67 B

51ms
51ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10027.Ebe8tBar-DJFwYJIPQTYiwyxK-gK4FgUkmHAOfF_h1yG6kGUSNL2GoAQq4Ajxm_MYCv5IQoqdzO7o7Fiukl9L2kmlTPkBt9njOS3SCZ2al0%2C.pDhxdp2-QPO2fDMZblr_At3YynM%2C

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10027.Ebe8tBar-DJFwYJIPQTYiwyxK-gK4FgUkmHAOfF_h1yG6kGUSNL2GoAQq4Ajxm_MYCv5IQoqdzO7o7Fiukl9L2kmlTPkBt9njOS3SCZ2al0%2C.pDhxdp2-QPO2fDMZblr_At3YynM%2C
date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 91ms
51ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30 May 2023 06:12:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64756982-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Jun 2023 09:05:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=171150535651701&ev=PageView&dl=https%3A%2F%2Festatediscoveryturkey.online%2F&rl=&if=false&ts=1686125110375&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&fbp=fb.1.1686125110374.1810273569&it=1686125110113&coo=false&exp=a0&rqm=GET

Requested by

Host: estatediscoveryturkey.online
URL: https://estatediscoveryturkey.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 08:05:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/91761915/
Redirect Chain

https://mc.yandex.com/watch/91761915?wmode=7&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%...
https://mc.yandex.com/watch/91761915/1?wmode=7&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkw...

435 B
576 B

59ms
59ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/91761915/1?wmode=7&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A3322%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A331625325420%3Ahid%3A1005072691%3Az%3A0%3Ai%3A20230607080510%3Aet%3A1686125110%3Ac%3A1%3Arn%3A787434163%3Arqn%3A1%3Au%3A1686125110866019291%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C1991%2C556%2C94%2C0%2C0%2C%2C606%2C0%2C%2C%2C%2C3306%3Aco%3A0%3Acpf%3A1%3Ans%3A1686125106786%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686125111%3At%3A%D0%A1%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%8C%D1%82%D0%B5%20%D0%B4%D0%BE%2080%25%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B5%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D0%B7%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B9%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aa73762e402dd33a7c3089550ecf979aacb90e8ccfded1290f67ca7fcd6dfb1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 07-Jun-2023 08:05:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://estatediscoveryturkey.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Wed, 07-Jun-2023 08:05:10 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 07-Jun-2023 08:05:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/91761915/1?wmode=7&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&charset=utf-8&site-info=%7B%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A3322%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A331625325420%3Ahid%3A1005072691%3Az%3A0%3Ai%3A20230607080510%3Aet%3A1686125110%3Ac%3A1%3Arn%3A787434163%3Arqn%3A1%3Au%3A1686125110866019291%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C1991%2C556%2C94%2C0%2C0%2C%2C606%2C0%2C%2C%2C%2C3306%3Aco%3A0%3Acpf%3A1%3Ans%3A1686125106786%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1686125111%3At%3A%D0%A1%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%8C%D1%82%D0%B5%20%D0%B4%D0%BE%2080%25%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B5%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D0%B7%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B9%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://estatediscoveryturkey.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 07-Jun-2023 08:05:10 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10027.cWVwKS8ej4v2CqD9uBF_5GhhyDmaN1VgwYiv-M5j6Ak1Vf9CJz9LbFlFghYd0a0v.Kc91b_FFStCNdptURgGiZ0o9_9M%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10027.aHLiFQ7aAXufWwFppOk7tA0ugT-LKG7grhnCCW_KVzSY0OQLrnNPjhtgt0WP4_-AQ7E5jzHeOzwIh2aqbVqLLQ%2C%2C.Q7zgu2I2Jy1j-xbmhcLmHEWqhAU%2C

43 B
79 B

58ms
58ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10027.aHLiFQ7aAXufWwFppOk7tA0ugT-LKG7grhnCCW_KVzSY0OQLrnNPjhtgt0WP4_-AQ7E5jzHeOzwIh2aqbVqLLQ%2C%2C.Q7zgu2I2Jy1j-xbmhcLmHEWqhAU%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10027.aHLiFQ7aAXufWwFppOk7tA0ugT-LKG7grhnCCW_KVzSY0OQLrnNPjhtgt0WP4_-AQ7E5jzHeOzwIh2aqbVqLLQ%2C%2C.Q7zgu2I2Jy1j-xbmhcLmHEWqhAU%2C
date: Wed, 07 Jun 2023 08:05:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=171150535651701&ev=Microdata&dl=https%3A%2F%2Festatediscoveryturkey.online%2F&rl=&if=false&ts=1686125110878&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%A1%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%8C%D1%82%D0%B5%20%D0%B4%D0%BE%2080%25%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B5%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D0%B7%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B9!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%D0%A1%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%8C%D1%82%D0%B5%20%D0%B4%D0%BE%2080%25%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%D0%B5%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%A2%D1%83%D1%80%D1%86%D0%B8%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%B5%D1%80%D0%B5%D0%B5%D0%B7%D0%B4%D0%B0%20%D0%B8%20%D0%B8%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B9!%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fres.cloudinary.com%2Fhgwipn3sa%2Fimage%2Fupload%2Fv1671180505%2Fwrq5hday5tcudlthgjn8.jpg%22%2C%22og%3Adescription%22%3A%22%D0%9E%D1%82%D0%B2%D0%B5%D1%82%D1%8C%D1%82%D0%B5%20%D0%BD%D0%B0%206%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D0%B5%20%D0%BF%D0%BE%D0%B4%D0%B1%D0%BE%D1%80%D0%BA%D1%83%20%D0%B8%D0%B7%2020%20%D0%B0%D0%BF%D0%B0%D1%80%D1%82%D0%B0%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%3A%20%D0%A0%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B0%20%D0%B4%D0%BE%206%20%D0%BB%D0%B5%D1%82%20%D0%BF%D0%BE%D0%B4%200%25%20%D0%A6%D0%B5%D0%BD%D1%8B%20%D0%BE%D1%82%20%D0%B7%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%89%D0%B8%D0%BA%D0%BE%D0%B2%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.106&r=stable&ec=1&o=30&fbp=fb.1.1686125110374.1810273569&it=1686125110113&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://estatediscoveryturkey.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Jun 2023 08:05:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 91761915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 158ms
158ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/91761915?wmode=0&wv-part=1&wv-hit=1005072691&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&rn=978828901&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1686125113%3Aw%3A1600x1200%3Av%3A1051%3Az%3A0%3Ai%3A20230607080513%3Au%3A1686125110866019291%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Ast%3A1686125113&t=gdpr(14)ti(2)

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.951a3e83.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://estatediscoveryturkey.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:13 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 07-Jun-2023 08:05:13 GMT
content-type: image/gif
access-control-allow-origin: https://estatediscoveryturkey.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 07-Jun-2023 08:05:13 GMT

POST
H2 200 91761915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 58ms
58ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/91761915?wmode=0&wv-part=1&wv-hit=1005072691&page-url=https%3A%2F%2Festatediscoveryturkey.online%2F&rn=958593318&wv-type=3&browser-info=we%3A1%3Aet%3A1686125114%3Aw%3A1600x1200%3Av%3A1051%3Az%3A0%3Ai%3A20230607080513%3Au%3A1686125110866019291%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Ast%3A1686125114&t=gdpr(14)ti(2)

Requested by

Host: cdn.mrqz.me
URL: https://cdn.mrqz.me/js/chunk-vendors.951a3e83.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://estatediscoveryturkey.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 08:05:13 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 07-Jun-2023 08:05:13 GMT
content-type: image/gif
access-control-allow-origin: https://estatediscoveryturkey.online
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 07-Jun-2023 08:05:13 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
estatediscoveryturkey.online/	1970-01-20 12:23:31	Name: visitor_id Value: d61ccef2-0a5a-4ae0-9ba2-5a17b1da3aef
estatediscoveryturkey.online/	1970-01-20 13:05:17	Name: marquiz_visitor_id Value: 26b40490-5401-4b99-9aaa-c79fae334363
.estatediscoveryturkey.online/	1970-01-20 21:58:05	Name: _ga Value: GA1.2.749940244.1686125110
.estatediscoveryturkey.online/	1970-01-20 12:23:31	Name: _gid Value: GA1.2.2095521290.1686125110
.estatediscoveryturkey.online/	1970-01-20 12:22:05	Name: _gat_gtag_UA_113524925_1 Value: 1
estatediscoveryturkey.online/	1970-01-20 12:22:05	Name: uuid_undefined Value: bc8acfe5-3bc4-4e38-9f50-2e28405ae723
.estatediscoveryturkey.online/	1970-01-20 21:07:41	Name: _ym_uid Value: 1686125110866019291
.estatediscoveryturkey.online/	1970-01-20 21:07:41	Name: _ym_d Value: 1686125110
.estatediscoveryturkey.online/	1970-01-20 14:31:41	Name: _fbp Value: fb.1.1686125110374.1810273569
.estatediscoveryturkey.online/	1970-01-20 12:23:17	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 12:22:05	Name: sync_cookie_csrf Value: 1337099761fake
.mc.yandex.ru/	1970-01-20 12:22:05	Name: sync_cookie_csrf Value: 664768147fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1636950561686125110
.yandex.com/	1970-01-20 21:58:05	Name: i Value: 7Cazo8Co3C4hJq8LSZA730zNINWn7YCOGD4moZdoOuxXTyQd+mk5MLEK5yZ28iPnUtusPxdgEft+YzO0ttTrT96Tb0c=
.yandex.com/	1970-01-20 21:58:05	Name: yandexuid Value: 2507801281686125110
.yandex.com/	1970-01-20 21:07:41	Name: yuidss Value: 2507801281686125110
.yandex.com/	1970-01-20 21:07:41	Name: ymex Value: 1717661110.yc.1686125110#1717661110.yrts.1686125110#1717661110.yrtsi.1686125110
.yandex.com/	1970-01-20 21:07:41	Name: bh Value: KgI/MA==
.estatediscoveryturkey.online/	1970-01-20 12:22:06	Name: _ym_visorc Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mrqz.me
connect.facebook.net
estatediscoveryturkey.online
hgwipn3sa-res.cloudinary.com
marquiz-backend.herokuapp.com
mc.yandex.com
mc.yandex.ru
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2001:4860:4802:32::178
212.193.146.52
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9a
2a02:26f0:6c00:18d::523
2a02:6b8::1:119
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
51.250.38.59
54.220.192.176
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
14ea4290e6f1ff05510bfadc101692c93814f353e4ca3f70c5fadc5c81ff8614
25209e0f01765fad0a6331ad3baf3ed94bd0eaed8c26d87694c5a57524a6030d
2be6141234fd618f7c720812075ea9860cacfa2be8b387d507230200c3712076
485e81db1c2af0435f87cdc8256cd23512fcae623388d7bac9dc0145be793047
52bf3dc76bce8ad0316d768f848c31357e34cafc0cc412c390661fad9f4a7f4d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f4ad169d92e6672202eb340ddc857e11802d10ba2722b80ebe1b5d31371c2ab
6589d27de60e678c3e38f593af996efb1b97d76d374c7b6f7b79fae676bb297a
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
990e74f3c967221a25331e4b3678dbad384ede79c4d3d065609723cfef7f51b7
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
aa73762e402dd33a7c3089550ecf979aacb90e8ccfded1290f67ca7fcd6dfb1c
b1965e7d9f42edf1f9c55ae736e2395c81dc73a115b3020a377c9f0d3cbebb6e
c0eb55048100de95c96b40e8c5bec08f2fc771c3fd96c73d36587bfd0c7a3ba0
d3d30ddc319da379445a26f612ae28d3ea0c1bdd5a23a128c57af9ecd135711d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea24ddf8d7f0b19f501d16dc9063c3ac1d67e474e953bc844db22cda8823087a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33f662f20f77d795f533f09f643528b02baf69c17c7839956e7e86704a581f7
f5f28cf8205390047ccf66e29336ba98e9f62edccc8b062779f5ea14a489f8c4
f9f2b896406fda81fbe6c12e63ba5f4f33201938d6ba54a8b4e6352cc9990a3e
fc7ba4adacd5f050ab6f0a2d19ce68bf900ae461ee6d41549f956d17f909f8c8

estatediscoveryturkey.online Open in urlscan Pro 51.250.38.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

93 %HTTPS

75 %IPv6

13 Domains

13 Subdomains

12 IPs

5 Countries

1396 kBTransfer

2586 kBSize

19 Cookies

1 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

estatediscoveryturkey.online Open in urlscan Pro
51.250.38.59 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

93 %
HTTPS

75 %
IPv6

13
Domains

13
Subdomains

12
IPs

5
Countries

1396 kB
Transfer

2586 kB
Size

19
Cookies

40 HTTP transactions
0 data transactions