urlscan.io logo urlscan.io
SecurityTrails logo

gecmisi.xyz Open in urlscan Pro
2a13:7c00:5:7:f816:3eff:fece:f7b1  Public Scan

Go To Rescan Add Verdict Report
URL: https://gecmisi.xyz/
Submission: On October 17 via api from IN — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 29 HTTP transactions. The main IP is 2a13:7c00:5:7:f816:3eff:fece:f7b1, located in Hong Kong and belongs to AS56971 AS56971 Cloud, HK. The main domain is gecmisi.xyz.
TLS certificate: Issued by R10 on September 11th 2024. Valid for: 3 months.
This is the only time gecmisi.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2a13:7c00:5:7:f816:3eff:fece:f7b1 (Hong Kong)

ASN56971 (AS56971 AS56971 Cloud, HK)
gecmisi.xyz
gecmisi.com.tr
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
doubleclick.net
11    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
211 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9307
4 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4610
73 KB
3 gecmisi.xyz
gecmisi.xyz
10 KB
2 gstatic.com
fonts.gstatic.com
72 KB
2 gecmisi.com.tr
gecmisi.com.tr
5 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
1 doubleclick.net
doubleclick.net — Cisco Umbrella Rank: 20
2 KB
1 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
11 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
106 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
29 11
Domain Requested by
8 mc.yandex.com 3 redirects gecmisi.xyz
mc.yandex.ru
7 pagead2.googlesyndication.com gecmisi.xyz
pagead2.googlesyndication.com
3 mc.yandex.ru 1 redirects gecmisi.xyz
3 gecmisi.xyz gecmisi.xyz
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 gecmisi.com.tr gecmisi.xyz
1 region1.google-analytics.com www.googletagmanager.com
1 doubleclick.net gecmisi.xyz
1 fundingchoicesmessages.google.com gecmisi.xyz
1 www.googletagmanager.com gecmisi.xyz
1 fonts.googleapis.com gecmisi.xyz
29 12

This site contains links to these domains. Also see Links.

Domain
gecmisi.com.tr
Subject Issuer Validity Valid
gecmisi.xyz
R10		 2024-09-11 -
2024-12-10		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://gecmisi.xyz/
Frame ID: 08A6FDB1510FFE9AD27E05297FFAA8A8
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 30003887378E68C751A407A8639B8DAB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7473792581783160&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729073410&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fgecmisi.xyz%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729199472896&bpp=4&bdt=284&idt=234&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=68467514607&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31088129%2C31088130%2C44795922%2C95344190&oid=2&pvsid=728881170080990&tmod=826067255&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=258
Frame ID: E5C4EF6209F4D0110E779C3CDD2FCF09
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7473792581783160&output=html&h=280&slotname=5979267485&adk=711126517&adf=1703909252&pi=t.ma~as.5979267485&w=480&abgtt=6&fwrn=4&fwrnh=100&lmt=1729073410&rafmt=1&format=480x280&url=https%3A%2F%2Fgecmisi.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729199472900&bpp=2&bdt=288&idt=272&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=68467514607&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31088129%2C31088130%2C44795922%2C95344190&oid=2&pvsid=728881170080990&tmod=826067255&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=283
Frame ID: 521DD1CDE63EEEFEE1FC77A9192F615B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7473792581783160&output=html&h=280&slotname=5979267485&adk=1463247186&adf=1823046886&pi=t.ma~as.5979267485&w=480&abgtt=6&fwrn=4&fwrnh=100&lmt=1729073410&rafmt=1&format=480x280&url=https%3A%2F%2Fgecmisi.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729199472902&bpp=1&bdt=290&idt=296&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C480x280&nras=1&correlator=68467514607&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31088129%2C31088130%2C44795922%2C95344190&oid=2&pvsid=728881170080990&tmod=826067255&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=300
Frame ID: 6108B900DB224802F8C604FFC7737B70
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 13F1DA84377C05C11E84DB04C5C5900A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: BA1BFCB3CBCDDEAB10228C942F6012CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fiyat Geçmişi

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

29
Requests

90 %
HTTPS

89 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

494 kB
Transfer

1291 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10525.hlb_p1QDMELyNDJ4CzfQuX_5wIPU0SBAmkmRDWmcR1aOHjdFAZj_WZb-5Mbxxj-k._eK86z4_SC8XHuRQpFnn8DiLcPI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10525.09OF-ntjqJT37U56UXWyBzi_c79LjA_PM2ylNNzQVHkiji7hOuXdV_pYoZNEm0nAMNVa5lPv60nV5Xm9TLeexUdcsfhYjSJaoJO3Sc65dKYgU_v70vFdnqocSdkHqAo0J2WfOZRa4PhtcDb-g5eEnzox96MXutJf9z_GklzSKL3RY_ol7ZQkCtTGZNPSAYIiq0QXArWuwH_ySxvLZNLBg2c-10crHlE74CuIfqzZgh8%2C.HDS6aGjBnL1NRE8m-cip1KtJ2Yw%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10525.3N_3I6AQLs7EHDE-xGQAgUNjjfQrkBRxGRf1yyQlJEBciq1Wc3ZrqsoGa8yU8Z8oWtIiPkEP_DYv_ahNmru_fS9pZQP986fTB2J6fx3dBARKjX1hJtRj0Ukn4gPhj8DW_GI8ehpyzJZ-ghkTKDXwj6MYqr7AquvK5XqiHWwgaxvQKX5Bxpn49McSixRFbFxIZanx4-S1TMAKojZuDslu_w%2C%2C.opeVvzX4CznJlvrZ1EncNSklcsM%2C
Request Chain 21
  • https://mc.yandex.com/watch/98132409?wmode=7&page-url=https%3A%2F%2Fgecmisi.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A524051811252%3Ahid%3A501686674%3Az%3A120%3Ai%3A20241017231113%3Aet%3A1729199474%3Ac%3A1%3Arn%3A671747405%3Arqn%3A1%3Au%3A1729199474832294491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A521%3Awv%3A2%3Ads%3A89%2C90%2C60%2C3%2C0%2C0%2C%2C274%2C1%2C%2C%2C%2C524%3Aco%3A0%3Acpf%3A1%3Ans%3A1729199472354%3Agi%3AR0ExLjEuNDAwNTMyNzcxLjE3MjkxOTk0NzM%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1729199474%3At%3AFiyat%20Ge%C3%A7mi%C5%9Fi&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
  • https://mc.yandex.com/watch/98132409/1?wmode=7&page-url=https%3A%2F%2Fgecmisi.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A524051811252%3Ahid%3A501686674%3Az%3A120%3Ai%3A20241017231113%3Aet%3A1729199474%3Ac%3A1%3Arn%3A671747405%3Arqn%3A1%3Au%3A1729199474832294491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A521%3Awv%3A2%3Ads%3A89%2C90%2C60%2C3%2C0%2C0%2C%2C274%2C1%2C%2C%2C%2C524%3Aco%3A0%3Acpf%3A1%3Ans%3A1729199472354%3Agi%3AR0ExLjEuNDAwNTMyNzcxLjE3MjkxOTk0NzM%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1729199474%3At%3AFiyat%20Ge%C3%A7mi%C5%9Fi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gecmisi.xyz/ 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a13:7c00:5:7:f816:3eff:fece:f7b1 , Hong Kong, ASN56971 (AS56971 AS56971 Cloud, HK),
Reverse DNS
Software
Apache /
Resource Hash
113610b3d0915211e6d55352a0f6f827054d7fbd5c5ee15ee7703c99f53925ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=120, public, no-transform, must-revalidate
content-encoding
gzip
content-length
8830
content-type
text/html
date
Thu, 17 Oct 2024 21:11:12 GMT
expires
Thu, 17 Oct 2024 21:13:12 GMT
last-modified
Tue, 16 Oct 2024 10:10:10 GMT
server
Apache
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7473792581783160
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d024fc195d7d3f2572372096a6c168d04e401f89f07345491a3fdd8768b1fbcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gecmisi.xyz
Referer
https://gecmisi.xyz/

Response headers

content-encoding
br
etag
9436523627053782603
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 21:11:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 21:11:12 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52633
x-xss-protection
0
server
cafe
style.css
gecmisi.com.tr/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gecmisi.com.tr/style.css
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a13:7c00:5:7:f816:3eff:fece:f7b1 , Hong Kong, ASN56971 (AS56971 AS56971 Cloud, HK),
Reverse DNS
Software
Apache /
Resource Hash
20ab3a8ad1962db1765d8b7a10b775ac66e4ea50c24aa93858f59f3c0792dcd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

cache-control
max-age=3600, public, no-transform, must-revalidate
content-encoding
gzip
expires
Thu, 17 Oct 2024 22:11:12 GMT
accept-ranges
bytes
content-length
1996
date
Thu, 17 Oct 2024 21:11:12 GMT
last-modified
Tue, 16 Oct 2024 10:10:10 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
css2
fonts.googleapis.com/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcb72a8d2478bc448bab6712de33a8370c2b3027d9ae9a079d1f4de5a6600634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 21:11:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 21:11:12 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 17 Oct 2024 19:15:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
ublock.js
gecmisi.com.tr/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gecmisi.com.tr/ublock.js
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a13:7c00:5:7:f816:3eff:fece:f7b1 , Hong Kong, ASN56971 (AS56971 AS56971 Cloud, HK),
Reverse DNS
Software
Apache /
Resource Hash
01ebdfd1bbebe0edce8d8e10be6bf32fc3b98542b08df784adb31bf87dac7802

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

cache-control
max-age=3600, public, no-transform, must-revalidate
content-encoding
gzip
expires
Thu, 17 Oct 2024 22:11:12 GMT
accept-ranges
bytes
content-length
2817
date
Thu, 17 Oct 2024 21:11:12 GMT
last-modified
Tue, 16 Oct 2024 10:10:10 GMT
vary
Accept-Encoding
server
Apache
content-type
text/javascript
js
www.googletagmanager.com/gtag/ 		319 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9KXTK4G1SB
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6fce3a71653914c66f93fbefdb329e30739602d652cd19268de37086aa7e55c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 17 Oct 2024 21:11:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 21:11:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108114
x-xss-protection
0
server
Google Tag Manager
pub-7473792581783160
fundingchoicesmessages.google.com/i/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-7473792581783160?ers=1
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c3f6eebf1b8d7f3f2e2294ce10345140939ddfd4ed9fbe9f652e13a9d9cd04b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2TU2lWfb9xV9i8ElqsQZWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 21:11:12 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0JBiOO90h-k6EEt8fcmkBcRO6TNYQ4C49eY51ulAnPTvPGsJELtrXWT1B2JDhUuszkDsWHSJ1ROIVXsusZoD8f11l1ifA_HXPZdY_wLx3o-XWI8CcZHEFdYWIL7ddIX1MRAL8XB8-HV0B5vAhweHJjMraSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGJrqGZjHFxgAAHYVS2k"
content-security-policy
script-src 'report-sample' 'nonce-2TU2lWfb9xV9i8ElqsQZWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
tag.js
mc.yandex.ru/metrika/ 		208 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3161948f21bf24d9ef8c34e37b7d1790d5cce63c44d982ca9f63bc6b6acbfe99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6707cb5e-11cda"
expires
Thu, 17 Oct 2024 22:11:13 GMT
access-control-allow-origin
*
content-length
72922
date
Thu, 17 Oct 2024 21:11:13 GMT
last-modified
Thu, 10 Oct 2024 12:41:02 GMT
content-type
application/javascript
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bc6ad5d794fb10405c853199c77d5facf5158565f6c63a481457f0794d8ba48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
get-public-key
gecmisi.xyz/api/ 		474 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gecmisi.xyz/api/get-public-key
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a13:7c00:5:7:f816:3eff:fece:f7b1 , Hong Kong, ASN56971 (AS56971 AS56971 Cloud, HK),
Reverse DNS
Software
Apache / Express
Resource Hash
cfcb2b7a7307f11123d7c2956c4da54b58c2d79735299283877ae86145224f35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

etag
W/"1da-ivEcf6DYMOMCUgkLV2k7G6YRfY0"
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
474
date
Thu, 17 Oct 2024 21:11:12 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
Apache
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gecmisi.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
253836
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 22:40:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 22:40:36 GMT
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24984
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://gecmisi.xyz
Referer
https://fonts.googleapis.com/

Response headers

age
256309
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
favicon.ico
doubleclick.net/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doubleclick.net/favicon.ico
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

content-encoding
gzip
age
148465
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 03:56:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:56:48 GMT
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=691200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1494
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/ 		422 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7473792581783160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
97e01467ec1cc37ceb4730ce8c204e4332bb8da5d25d97f64f60ede2ddb52a0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

content-encoding
br
etag
9031974906288713512
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 21:11:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 21:11:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
143891
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9KXTK4G1SB&gtm=45je4ag0v9178542399za200&_p=1729199472800&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101836706&cid=400532771.1729199473&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729199472&sct=1&seg=0&dl=https%3A%2F%2Fgecmisi.xyz%2F&dt=Fiyat%20Ge%C3%A7mi%C5%9Fi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=657
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KXTK4G1SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gecmisi.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 21:11:13 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/ Frame 3000 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gecmisi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
8322
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 18:52:31 GMT
etag
13108003645644964576
expires
Thu, 31 Oct 2024 18:52:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame E5C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7473792581783160&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1729073410&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fgecmisi.xyz%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729199472896&bpp=4&bdt=284&idt=234&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=68467514607&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31088129%2C31088130%2C44795922%2C95344190&oid=2&pvsid=728881170080990&tmod=826067255&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=258
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gecmisi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 21:11:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 521D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7473792581783160&output=html&h=280&slotname=5979267485&adk=711126517&adf=1703909252&pi=t.ma~as.5979267485&w=480&abgtt=6&fwrn=4&fwrnh=100&lmt=1729073410&rafmt=1&format=480x280&url=https%3A%2F%2Fgecmisi.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729199472900&bpp=2&bdt=288&idt=272&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=68467514607&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=34&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31088129%2C31088130%2C44795922%2C95344190&oid=2&pvsid=728881170080990&tmod=826067255&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=283
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gecmisi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 21:11:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 6108 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-7473792581783160&output=html&h=280&slotname=5979267485&adk=1463247186&adf=1823046886&pi=t.ma~as.5979267485&w=480&abgtt=6&fwrn=4&fwrnh=100&lmt=1729073410&rafmt=1&format=480x280&url=https%3A%2F%2Fgecmisi.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729199472902&bpp=1&bdt=290&idt=296&shv=r20241014&mjsv=m202410140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C480x280&nras=1&correlator=68467514607&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31088129%2C31088130%2C44795922%2C95344190&oid=2&pvsid=728881170080990&tmod=826067255&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gecmisi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 21:11:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10525.hlb_p1QDMELyNDJ4CzfQuX_5wIPU0SBAmkmRDWmcR1aOHjdFAZj_WZb-5Mbxxj-k._eK86z4_SC8XHuRQpFnn8DiLcPI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10525.09OF-ntjqJT37U56UXWyBzi_c79LjA_PM2ylNNzQVHkiji7hOuXdV_pYoZNEm0nAMNVa5lPv60nV5Xm9TLeexUdcsfhYjSJaoJO3Sc65dKYgU_v70vFdnqocSdkHqAo0J2WfOZRa4P...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10525.3N_3I6AQLs7EHDE-xGQAgUNjjfQrkBRxGRf1yyQlJEBciq1Wc3ZrqsoGa8yU8Z8oWtIiPkEP_DYv_ahNmru_fS9pZQP986fTB2J6fx3dBARKj...
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10525.3N_3I6AQLs7EHDE-xGQAgUNjjfQrkBRxGRf1yyQlJEBciq1Wc3ZrqsoGa8yU8Z8oWtIiPkEP_DYv_ahNmru_fS9pZQP986fTB2J6fx3dBARKjX1hJtRj0Ukn4gPhj8DW_GI8ehpyzJZ-ghkTKDXwj6MYqr7AquvK5XqiHWwgaxvQKX5Bxpn49McSixRFbFxIZanx4-S1TMAKojZuDslu_w%2C%2C.opeVvzX4CznJlvrZ1EncNSklcsM%2C
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Thu, 17 Oct 2024 21:11:13 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10525.3N_3I6AQLs7EHDE-xGQAgUNjjfQrkBRxGRf1yyQlJEBciq1Wc3ZrqsoGa8yU8Z8oWtIiPkEP_DYv_ahNmru_fS9pZQP986fTB2J6fx3dBARKjX1hJtRj0Ukn4gPhj8DW_GI8ehpyzJZ-ghkTKDXwj6MYqr7AquvK5XqiHWwgaxvQKX5Bxpn49McSixRFbFxIZanx4-S1TMAKojZuDslu_w%2C%2C.opeVvzX4CznJlvrZ1EncNSklcsM%2C
x-xss-protection
1; mode=block
date
Thu, 17 Oct 2024 21:11:13 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"6707cb5e-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 17 Oct 2024 22:11:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Thu, 17 Oct 2024 21:11:13 GMT
content-type
image/gif
last-modified
Thu, 10 Oct 2024 12:41:02 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 13F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gecmisi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Thu, 17 Oct 2024 21:11:14 GMT
etag
"6707cb5e-416"
expires
Thu, 17 Oct 2024 22:11:14 GMT
last-modified
Thu, 10 Oct 2024 12:41:02 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/98132409/
Redirect Chain
  • https://mc.yandex.com/watch/98132409?wmode=7&page-url=https%3A%2F%2Fgecmisi.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Af...
  • https://mc.yandex.com/watch/98132409/1?wmode=7&page-url=https%3A%2F%2Fgecmisi.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
603 B
853 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/98132409/1?wmode=7&page-url=https%3A%2F%2Fgecmisi.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A524051811252%3Ahid%3A501686674%3Az%3A120%3Ai%3A20241017231113%3Aet%3A1729199474%3Ac%3A1%3Arn%3A671747405%3Arqn%3A1%3Au%3A1729199474832294491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A521%3Awv%3A2%3Ads%3A89%2C90%2C60%2C3%2C0%2C0%2C%2C274%2C1%2C%2C%2C%2C524%3Aco%3A0%3Acpf%3A1%3Ans%3A1729199472354%3Agi%3AR0ExLjEuNDAwNTMyNzcxLjE3MjkxOTk0NzM%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1729199474%3At%3AFiyat%20Ge%C3%A7mi%C5%9Fi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
Requested by
Host: gecmisi.xyz
URL: https://gecmisi.xyz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9a52fee36a9a799d0047c2b65e4057b8b803f69081886659331e74ae3162d8b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Thu, 17-Oct-2024 21:11:14 GMT
access-control-allow-origin
https://gecmisi.xyz
content-length
603
date
Thu, 17 Oct 2024 21:11:14 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 17-Oct-2024 21:11:14 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/98132409/1?wmode=7&page-url=https%3A%2F%2Fgecmisi.xyz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afr-FR%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A524051811252%3Ahid%3A501686674%3Az%3A120%3Ai%3A20241017231113%3Aet%3A1729199474%3Ac%3A1%3Arn%3A671747405%3Arqn%3A1%3Au%3A1729199474832294491%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A521%3Awv%3A2%3Ads%3A89%2C90%2C60%2C3%2C0%2C0%2C%2C274%2C1%2C%2C%2C%2C524%3Aco%3A0%3Acpf%3A1%3Ans%3A1729199472354%3Agi%3AR0ExLjEuNDAwNTMyNzcxLjE3MjkxOTk0NzM%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1729199474%3At%3AFiyat%20Ge%C3%A7mi%C5%9Fi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Thu, 17-Oct-2024 21:11:13 GMT
access-control-allow-origin
https://gecmisi.xyz
date
Thu, 17 Oct 2024 21:11:13 GMT
x-xss-protection
1; mode=block
last-modified
Thu, 17-Oct-2024 21:11:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
54ab1da80e6590b6db42ac236c9d843452410910fa3497461a8f5d4fe35dd61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12872
date
Thu, 17 Oct 2024 21:11:14 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon-32x32.png
gecmisi.xyz/icon/ 		438 B
564 B 		Other
General
Check archive.org
Download Go to
Full URL
https://gecmisi.xyz/icon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a13:7c00:5:7:f816:3eff:fece:f7b1 , Hong Kong, ASN56971 (AS56971 AS56971 Cloud, HK),
Reverse DNS
Software
Apache /
Resource Hash
f6aa64e5a3f239066e86e2abbd2418127c1ed07d17fd44febd20f97987ab05d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

cache-control
max-age=2592000, public, no-transform, must-revalidate
expires
Sat, 16 Nov 2024 21:11:14 GMT
accept-ranges
bytes
content-length
438
date
Thu, 17 Oct 2024 21:11:14 GMT
last-modified
Tue, 16 Oct 2024 10:10:10 GMT
content-type
image/png
server
Apache
sodar2.js
tpc.googlesyndication.com/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7473792581783160&plah=gecmisi.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://gecmisi.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 21:11:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 21:11:15 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame BA1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gecmisi.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 20:40:37 GMT
expires
Thu, 17 Oct 2024 21:30:37 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
98132409
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/98132409?wv-part=1&wv-type=7&wmode=0&wv-hit=501686674&page-url=https%3A%2F%2Fgecmisi.xyz%2F&rn=532836496&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1729199476%3Aw%3A1600x1200%3Av%3A1480%3Az%3A120%3Ai%3A20241017231116%3Au%3A1729199474832294491%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Ast%3A1729199476&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://gecmisi.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 17-Oct-2024 21:11:16 GMT
access-control-allow-origin
https://gecmisi.xyz
content-length
43
x-xss-protection
1; mode=block
date
Thu, 17 Oct 2024 21:11:16 GMT
last-modified
Thu, 17-Oct-2024 21:11:16 GMT
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
98132409
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/98132409?wv-part=1&wv-type=7&wmode=0&wv-hit=501686674&page-url=https%3A%2F%2Fgecmisi.xyz%2F&rn=43854955&browser-info=we%3A1%3Aet%3A1729199477%3Aw%3A1600x1200%3Av%3A1480%3Az%3A120%3Ai%3A20241017231116%3Au%3A1729199474832294491%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Ast%3A1729199477&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://gecmisi.xyz/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 17-Oct-2024 21:11:16 GMT
access-control-allow-origin
https://gecmisi.xyz
content-length
43
x-xss-protection
1; mode=block
date
Thu, 17 Oct 2024 21:11:16 GMT
content-type
image/gif
last-modified
Thu, 17-Oct-2024 21:11:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=728881170080990&bg=!n5ylnNPNAAaUWUsktFk7ADQBe5WfOPZ5psznQ8VLC9Mo3oo1wmvHROi58Jnwi7SpMQcsZxX322XC5q7vwnIJau94mmKoAgAAAJ1SAAAABGgBB34ANmGidWAjU73RqnxQ3WAKMWpu8QYJnwkOPN7cmAOAJiqXpFxIEVbabzlbV-p1Z7q6HeDpXM94d5kCnxl3mo7YC8L9gTFew4aArKU6k2npKpbnSLgf4Hl8cQRiiATxUGWszBMmYFfk_f6AD7RPua1z3JLJy2qs5cXI96bdUpEYJsX1RliE57jgFw0xAMg0Ha24VCc_sX1HZvhO_dvh7iLKsMQlUBapP0BexKBLG74fVM62alsiPp7Udk2LBX3jq3a1-_Gqvj8FSfZnQOrzSqt24409rVButnzYI8FSm8jVG0ih__1m3GrDraipSDGTduld1WNitdnWV8ImGr9PHRKhF7Wi24eERZ0x00KND2NrPGk5f63_Wlw0-f-2uOl__BuTqQHgxGy3MiiHS-LFP3WF-Oh_jQ6iOOE_a7_GQcn4nAIzqwOGc5R6m4KCf_bE2whr2G-WW1GNzweofjpsxIonFB9ghRx36lcJKBULd-lnvnhYUpS2ilKXNKXLeG6X4kDMuOjFO4elX0adJbd7JiKD9ZheeE9tHnhWZIY2eyJq2Jgn446VwYrWyI478bwxkBi5DUNx5hv9mm5FgiomFdaf0z2k1uswct8hawZQKFn1eKhMtuYu5gqbuVyFLUDM4Fu_f9GLB3N42zHs7KqnGZYecw3qSNQk_D01ZdRT1pZlXT5LWOT1LyUORzR749MwEvs5r2oEQX2v2FhOSzW3WBRPIqNdiG8zpJi7-bpZSP4c2VA5OLi6iNh9K0aDcthX9CjAvpcUzEqwD2L1E7hE8W-pvmirisK4Vk700wsooSMbW0homZK-BfBHhDPg-qrQtvjA3kFzPyjkz98XMC-rMIrWQynJujZbhw7v-2gkDmzO8_TbMKQ7QzL21MEqaLJiigR9T14Kas9RRyo-AnIupt-i3_O7JhCaqHat8LIBmAkK2j23lF1UthqCkz10tVIhuHBGR5pUzspHtQ8X

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| _0x37e4 function| _0x2f95b6 function| _0x4fc1b6 function| _0x126aa8 function| _0x46e3 function| ym function| setCookie function| getCookie function| initializeMode function| reloadAds string| userAgent function| updateHeight function| gtag object| dataLayer object| adsbygoogle function| sorgulaOtomatik function| scrollToCenter function| _0x2ec1 function| encryptDataWithPublicKey function| base64ToArrayBuffer function| _0x697b function| arrayBufferToBase64 string| userBrowser function| getDownloadLink string| downloadLink object| links object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter98132409 object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
.gecmisi.xyz/ Name: _ga
Value: GA1.1.400532771.1729199473
.gecmisi.xyz/ Name: _ga_9KXTK4G1SB
Value: GS1.1.1729199472.1.0.1729199473.0.0.0
.yandex.ru/ Name: yashr
Value: 390639531729199473
.gecmisi.xyz/ Name: _ym_uid
Value: 1729199474832294491
.gecmisi.xyz/ Name: _ym_d
Value: 1729199474
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3464276558fake
.yandex.com/ Name: i
Value: BzjyhGZhkrQxe8mZpl5n/WGCMHCGlJSDzAb0w4ZlgsAoMxy6PB+TXs8EtyUrTKhQV2KWDFwrZVOgfyhTaAYwtT5QktU=
.yandex.com/ Name: yandexuid
Value: 662196981729199473
.yandex.com/ Name: yashr
Value: 3955745461729199473
.gecmisi.xyz/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 67569294fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 662196981729199473
.yandex.ru/ Name: yuidss
Value: 662196981729199473
.yandex.ru/ Name: i
Value: BzjyhGZhkrQxe8mZpl5n/WGCMHCGlJSDzAb0w4ZlgsAoMxy6PB+TXs8EtyUrTKhQV2KWDFwrZVOgfyhTaAYwtT5QktU=
.yandex.ru/ Name: yp
Value: 1729285873.yu.3174391211729199473
.yandex.ru/ Name: ymex
Value: 1731791473.oyu.3174391211729199473
mc.yandex.com/ Name: yabs-sid
Value: 2520153141729199473
.yandex.com/ Name: yuidss
Value: 662196981729199473
.yandex.com/ Name: ymex
Value: 1760735473.yrts.1729199473
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDy+sW4Bg==
.gecmisi.xyz/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gecmisi.com.tr
gecmisi.xyz
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.186.98
2001:4860:4802:32::36
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a02:6b8::1:119
2a13:7c00:5:7:f816:3eff:fece:f7b1
01ebdfd1bbebe0edce8d8e10be6bf32fc3b98542b08df784adb31bf87dac7802
113610b3d0915211e6d55352a0f6f827054d7fbd5c5ee15ee7703c99f53925ea
20ab3a8ad1962db1765d8b7a10b775ac66e4ea50c24aa93858f59f3c0792dcd0
3161948f21bf24d9ef8c34e37b7d1790d5cce63c44d982ca9f63bc6b6acbfe99
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ab1da80e6590b6db42ac236c9d843452410910fa3497461a8f5d4fe35dd61e
5bc6ad5d794fb10405c853199c77d5facf5158565f6c63a481457f0794d8ba48
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8c3f6eebf1b8d7f3f2e2294ce10345140939ddfd4ed9fbe9f652e13a9d9cd04b
97e01467ec1cc37ceb4730ce8c204e4332bb8da5d25d97f64f60ede2ddb52a0a
9a52fee36a9a799d0047c2b65e4057b8b803f69081886659331e74ae3162d8b1
a6fce3a71653914c66f93fbefdb329e30739602d652cd19268de37086aa7e55c
cfcb2b7a7307f11123d7c2956c4da54b58c2d79735299283877ae86145224f35
d024fc195d7d3f2572372096a6c168d04e401f89f07345491a3fdd8768b1fbcf
dcb72a8d2478bc448bab6712de33a8370c2b3027d9ae9a079d1f4de5a6600634
f6aa64e5a3f239066e86e2abbd2418127c1ed07d17fd44febd20f97987ab05d7
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99