sahibinden.hizmetlerilan.com.tr Open in urlscan Pro
2606:4700:3037::6815:e3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sahibinden.hizmetlerilan.com.tr/ilan
Submission: On July 06 via api (July 6th 2024, 9:01:29 pm UTC) from TR — Scanned from DE

Summary HTTP 8 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3037::6815:e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sahibinden.hizmetlerilan.com.tr.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.

This is the only time sahibinden.hizmetlerilan.com.tr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sahibinden (Classifieds)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::6815:e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	85.153.138.73 85.153.138.73	34984 (TELLCOM-AS) (TELLCOM-AS)
8	2

2 2606:4700:3037::6815:e3 (United States)

ASN13335 (CLOUDFLARENET, US)

sahibinden.hizmetlerilan.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 85.153.138.73 (Turkey)

ASN34984 (TELLCOM-AS, TR)

s0.shbdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	shbdn.com s0.shbdn.com — Cisco Umbrella Rank: 105906	185 KB
2	hizmetlerilan.com.tr sahibinden.hizmetlerilan.com.tr	4 KB
8	2

	Domain	Requested by
6	s0.shbdn.com	sahibinden.hizmetlerilan.com.tr s0.shbdn.com
2	sahibinden.hizmetlerilan.com.tr
8	2

This site contains links to these domains. Also see Links.

Domain
www.sahibinden.com
banaozel.sahibinden.com
yardim.sahibinden.com

Subject Issuer	Validity	Valid
hizmetlerilan.com.tr WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.shbdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-28` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sahibinden.hizmetlerilan.com.tr/ilan
Frame ID: 48F9FAC7434CBE34D158CC2AC7767B9B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sahibinden.com Hata Sayfası

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

189 kB
Transfer

403 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sahibinden.com/

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/ilan-ver/adim-1/?state=new
Title: İlan Ver

Search URL Search Domain Scan URL

URL: https://banaozel.sahibinden.com/
Title: Bana Özel

Search URL Search Domain Scan URL

URL: https://yardim.sahibinden.com/hc/tr
Title: Yardım

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request ilan Show response
sahibinden.hizmetlerilan.com.tr/ 4 KB
2 KB 305ms
167ms Document
text/html 2606:4700:3037::6815:e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sahibinden.hizmetlerilan.com.tr/ilan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 377298cc3fdcfea4fbd7534e74b3293282d9e405a563d4fca71a405dbdcb975e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89f287a4cf20b7ea-AMS
content-encoding: br
content-type: text/html
date: Sat, 06 Jul 2024 21:01:24 GMT
last-modified: Sun, 18 Feb 2024 03:56:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpoG7GHO%2BgJ79rUz12%2FUX42O1GyTL01f%2Bj7WKgtALVsZxFSejKgzKR929yGCkxnrXYU2VxBUnnEcrgZ8nDUfK%2FWwwpOq5jwSImX3w%2ByzwBWABDHmgbO3hQtQiIrZKyeiWEjiEIu5432HK26M%2BGeLr5X%2FVmMTnijlLlS692TK"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 common:26dbad3a4f2a4a13327e03aadaadc7c6.css
s0.shbdn.com/assets/ 227 KB
40 KB 319ms
78ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/common:26dbad3a4f2a4a13327e03aadaadc7c6.css

Requested by

Host: sahibinden.hizmetlerilan.com.tr
URL: https://sahibinden.hizmetlerilan.com.tr/ilan

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

39b445ea263c71448e9d0880dd10a7d5556e147385661df0baf11d4773eb0620

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sahibinden.hizmetlerilan.com.tr/ilan
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy: tmll-204 4,8080
date: Fri, 07 Jun 2024 20:18:40 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
content-encoding: gzip
age: 2508087
content-length: 40299
x-secure-option: secure
last-modified: Mon, 04 Mar 2024 07:32:46 GMT
server: Sahibinden Web Servers
etag: W/"65e5791e-38afa"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 errors:e7fe36c939561abcb9663a33eda55be8.css
s0.shbdn.com/assets/ 18 KB
3 KB 473ms
232ms Stylesheet
text/css 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/errors:e7fe36c939561abcb9663a33eda55be8.css

Requested by

Host: sahibinden.hizmetlerilan.com.tr
URL: https://sahibinden.hizmetlerilan.com.tr/ilan

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

308e62e6970872c437acfeb409b0a9fa131b7363930ba794ff9e0c133e1f8ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sahibinden.hizmetlerilan.com.tr/ilan
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy: tmll-204 6,8080
date: Fri, 07 Jun 2024 03:29:05 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
content-encoding: gzip
age: 2568663
content-length: 3211
x-secure-option: secure
last-modified: Thu, 06 Jun 2024 04:11:16 GMT
server: Sahibinden Web Servers
etag: W/"666136e4-4723"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
x-frame-options: SAMEORIGIN
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 header:62f94b4d0cde1436b82fbd54c07a34cb.png
s0.shbdn.com/assets/images/ 47 KB
47 KB 78ms
77ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/header:62f94b4d0cde1436b82fbd54c07a34cb.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/errors:e7fe36c939561abcb9663a33eda55be8.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

dc9e1be25bfde9e96b2d29d9b21ef9f05ba42187ee388bd0549269e448efc3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://s0.shbdn.com/assets/errors:e7fe36c939561abcb9663a33eda55be8.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy: tmll-204 4,8080
date: Fri, 07 Jun 2024 03:29:02 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
age: 2568667
content-length: 47706
x-secure-option: secure
last-modified: Thu, 06 Jun 2024 04:10:12 GMT
server: Sahibinden Web Servers
etag: "666136a4-ba5a"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 SHBGroteskLegacy-Regular:072af6e51ea47968612a13a6a8522f59.woff2
s0.shbdn.com/assets/blob/ 37 KB
37 KB 312ms
80ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/SHBGroteskLegacy-Regular:072af6e51ea47968612a13a6a8522f59.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:26dbad3a4f2a4a13327e03aadaadc7c6.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

85c5dfa70de41604f75673c2dadcc8411d5d163d3775284e40ab025cee817ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://s0.shbdn.com/assets/common:26dbad3a4f2a4a13327e03aadaadc7c6.css
Origin: https://sahibinden.hizmetlerilan.com.tr
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy: tmll-204 4,8080
date: Fri, 07 Jun 2024 03:28:59 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
age: 2568671
content-length: 37404
x-secure-option: secure
last-modified: Thu, 06 Jun 2024 04:10:08 GMT
server: Sahibinden Web Servers
etag: "666136a0-921c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 SHBGroteskLegacy-Bold:0db3249d6e7b5cc4180b9056fe813d20.woff2
s0.shbdn.com/assets/blob/ 36 KB
37 KB 389ms
157ms Font
application/octet-stream 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.shbdn.com/assets/blob/SHBGroteskLegacy-Bold:0db3249d6e7b5cc4180b9056fe813d20.woff2

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/common:26dbad3a4f2a4a13327e03aadaadc7c6.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

d601848a4291446de173464a729921ef3f70d37ac0c3b6709ef6ba132ab30d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://s0.shbdn.com/assets/common:26dbad3a4f2a4a13327e03aadaadc7c6.css
Origin: https://sahibinden.hizmetlerilan.com.tr
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy: tmll-204 4,8080
date: Fri, 07 Jun 2024 03:28:59 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
age: 2568673
content-length: 37212
x-secure-option: secure
last-modified: Thu, 06 Jun 2024 04:10:08 GMT
server: Sahibinden Web Servers
etag: "666136a0-915c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 categoryIcons:8cf1aed1d423abe04a21da2ef7582ea0.png
s0.shbdn.com/assets/images/ 20 KB
20 KB 77ms
77ms Image
image/png 85.153.138.73
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.shbdn.com/assets/images/categoryIcons:8cf1aed1d423abe04a21da2ef7582ea0.png

Requested by

Host: s0.shbdn.com
URL: https://s0.shbdn.com/assets/errors:e7fe36c939561abcb9663a33eda55be8.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS, TR),

Reverse DNS

Software

Sahibinden Web Servers /

Resource Hash

23e96075fc46caa9cda337afadbb4d36faa55dc0def8d911b4b762d31f55e15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://s0.shbdn.com/assets/errors:e7fe36c939561abcb9663a33eda55be8.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-proxy: tmll-204 3,8080
date: Fri, 07 Jun 2024 03:29:07 GMT
via: www.sahibinden.com(c)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; preload
age: 2568661
content-length: 20648
x-secure-option: secure
last-modified: Thu, 06 Jun 2024 04:10:12 GMT
server: Sahibinden Web Servers
etag: "666136a4-50a8"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=31536000,public
accept-ranges: bytes
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 favicon.ico
sahibinden.hizmetlerilan.com.tr/public/ 15 KB
3 KB 168ms
167ms Other
image/vnd.microsoft.icon 2606:4700:3037::6815:e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sahibinden.hizmetlerilan.com.tr/public/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 62e10d5a188c6a3abe53cf5596a1d2e3b0ff95b32967920f6623f2de1c81e8c6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sahibinden.hizmetlerilan.com.tr/ilan
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Jul 2024 21:01:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Feb 2024 00:25:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c2ce0c-3aee"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZtxvaKh89DKn5qqMO8egJ%2Bm3GndTolyPpqTc3Skw5XChlF9b8ZjJ9lfAOspj8BLDTznLQjrkafLLcrZAgam61Ptd1l1U5lGzdv5idtAcgZHqyUHo0ucDmJ3qN6RiCFpefQXWKR4QXpcEp7fpRazio4a4OXgPw3WsNYfI1tmy"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 89f287a92bfab7ea-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sahibinden (Classifieds)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sahibinden.hizmetlerilan.com.tr/ilan Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s0.shbdn.com
sahibinden.hizmetlerilan.com.tr
2606:4700:3037::6815:e3
85.153.138.73
23e96075fc46caa9cda337afadbb4d36faa55dc0def8d911b4b762d31f55e15d
308e62e6970872c437acfeb409b0a9fa131b7363930ba794ff9e0c133e1f8ea1
377298cc3fdcfea4fbd7534e74b3293282d9e405a563d4fca71a405dbdcb975e
39b445ea263c71448e9d0880dd10a7d5556e147385661df0baf11d4773eb0620
62e10d5a188c6a3abe53cf5596a1d2e3b0ff95b32967920f6623f2de1c81e8c6
85c5dfa70de41604f75673c2dadcc8411d5d163d3775284e40ab025cee817ed6
d601848a4291446de173464a729921ef3f70d37ac0c3b6709ef6ba132ab30d9b
dc9e1be25bfde9e96b2d29d9b21ef9f05ba42187ee388bd0549269e448efc3df

sahibinden.hizmetlerilan.com.tr Open in urlscan Pro 2606:4700:3037::6815:e3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

189 kBTransfer

403 kBSize

0 Cookies

4 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

sahibinden.hizmetlerilan.com.tr Open in urlscan Pro
2606:4700:3037::6815:e3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

189 kB
Transfer

403 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!