okkagroup.com.tr Open in urlscan Pro
212.58.6.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://integratedmeatsolutions.com/newscript/itt/index1.php?login=abuse@bartlesvillephysicalrehab.com
Effective URL:
http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Submission: On June 21 via automatic, source phishtank (June 21st 2017, 10:13:29 pm UTC)

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 24 HTTP transactions. The main IP is 212.58.6.95, located in Turkey and belongs to DORUKNET, TR. The main domain is okkagroup.com.tr.

This is the only time okkagroup.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	212.58.6.95 212.58.6.95	8685 (DORUKNET) (DORUKNET)
19	77.72.150.147 77.72.150.147	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	104.27.27.76 104.27.27.76	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
24	4

2 212.58.6.95 (Turkey)

ASN8685 (DORUKNET, TR)
PTR: web67.webkontrol.doruk.net.tr

okkagroup.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 77.72.150.147 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: dhlparcel.nl

www.dhlparcel.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.27.76 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.geocities.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	dhlparcel.nl www.dhlparcel.nl	2 MB
2	okkagroup.com.tr okkagroup.com.tr	16 KB
1	geocities.ws www.geocities.ws	16 KB
24	3

	Domain	Requested by
19	www.dhlparcel.nl	okkagroup.com.tr
2	okkagroup.com.tr	okkagroup.com.tr
1	www.geocities.ws	okkagroup.com.tr
24	3

This site contains links to these domains. Also see Links.

Domain
www.dhl.nl

Subject Issuer	Validity	Valid
dhlparcel.nl COMODO RSA Extended Validation Secure Server CA	`2017-03-06` - `2018-03-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Frame ID: 20562.1
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

24
Requests

79 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1713 kB
Transfer

1814 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.dhl.nl/en/legal.html
Title: Privacy disclaimer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 0

http://www.dhlparcel.nl/sites/default/files/css/css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css
https://www.dhlparcel.nl/sites/default/files/css/css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css

Request 1

http://www.dhlparcel.nl/sites/default/files/css/css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css
https://www.dhlparcel.nl/sites/default/files/css/css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css

Request 3

http://www.dhlparcel.nl/sites/default/files/js/js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js
https://www.dhlparcel.nl/sites/default/files/js/js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js

Request 4

http://www.dhlparcel.nl/sites/default/files/js/js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js
https://www.dhlparcel.nl/sites/default/files/js/js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js

Request 5

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/logo.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/logo.png

Request 7

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/main-bg-spacer.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/main-bg-spacer.svg

Request 8

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/logo.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/logo.svg

Request 9

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_search.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_search.svg

Request 10

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_language_arrow.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_language_arrow.svg

Request 11

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.woff
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.woff

Request 12

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_menu_arrow_sprite.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_menu_arrow_sprite.svg

Request 13

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-1.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-1.png

Request 14

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/clock.png?1439381251
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/clock.png?1439381251

Request 15

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/sendpackage.png?1439381251
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/sendpackage.png?1439381251

Request 16

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/offer.png?1439381251
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/offer.png?1439381251

Request 17

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-2.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-2.png

Request 18

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-4.jpg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-4.jpg

Request 19

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-3.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-3.png

Request 20

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/footer_arrow_right_sprite.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/footer_arrow_right_sprite.svg

Request 21

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/dhl-footer-logo.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/dhl-footer-logo.png

Request 22

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.ttf
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.ttf

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request DHL.php Show response
okkagroup.com.tr/uploads/files/
Redirect Chain

http://integratedmeatsolutions.com/newscript/itt/index1.php?login=abuse@bartlesvillephysicalrehab.com
http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

16 KB
16 KB

183ms
42ms

Document
text/html

212.58.6.95
DORUKNET

General

Check archive.org

Show headers Download Go to

Full URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Protocol: HTTP/1.1
Server: 212.58.6.95 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: web67.webkontrol.doruk.net.tr
Software: Apache/2.2.3 (CentOS) / PHP/5.4.45, PleskLin
Resource Hash: 3878afb7cc08fc4ca2b7a26b23b1755e413cbb87ed12ef5438efb4b53341c3ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2017 22:13:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.4.45, PleskLin
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date: Wed, 21 Jun 2017 22:13:17 GMT
Server: LiteSpeed
X-Powered-By: PHP/5.6.30
Content-Type: text/html; charset=UTF-8
Location: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1

404
Not Found

css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css
www.dhlparcel.nl/sites/default/files/css/
Redirect Chain

http://www.dhlparcel.nl/sites/default/files/css/css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css
https://www.dhlparcel.nl/sites/default/files/css/css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css

0
0

66ms
18ms

Stylesheet
text/html

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dhlparcel.nl/sites/default/files/css/css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css
Requested by: Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: dhlparcel.nl
Software: nginx /
Resource Hash

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 358
Content-Type: text/html; charset=UTF-8

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
X-Content-Type-Options: nosniff
Server: nginx
Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Content-Type: text/html
Location: https://www.dhlparcel.nl/sites/default/files/css/css_Mr4gncpBXu3LEOV8dz9HzrO5ogD11mLheyvK0CE1oWc.css
Connection: keep-alive
X-DNS-Prefetch-Control: : off
Content-Length: 178
X-XSS-Protection: 1; mode=block

GET
H/1.1

404
Not Found

css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css
www.dhlparcel.nl/sites/default/files/css/
Redirect Chain

http://www.dhlparcel.nl/sites/default/files/css/css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css
https://www.dhlparcel.nl/sites/default/files/css/css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css

0
0

63ms
16ms

Stylesheet
text/html

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dhlparcel.nl/sites/default/files/css/css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 358
Content-Type: text/html; charset=UTF-8

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
X-Content-Type-Options: nosniff
Server: nginx
Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Content-Type: text/html
Location: https://www.dhlparcel.nl/sites/default/files/css/css_atkFGFlvG6sSQcIj6Q73rpgsXhtr58AwITc2aQjVotk.css
Connection: keep-alive
X-DNS-Prefetch-Control: : off
Content-Length: 178
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
www.geocities.ws/34sed/ 114 KB
16 KB 49ms
38ms Stylesheet
text/css 104.27.27.76
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
Requested by: Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Protocol: HTTP/1.1
Server: 104.27.27.76 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 46971fa2bc58091704b70a42960b5322cc2c1744cb0b7f8853038fbae23a5bbb

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Mon, 28 Sep 2015 07:05:23 GMT
Server: cloudflare-nginx
ETag: W/"1c989-520c9523646b1;54ac9d86264ed"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 372a507430372678-FRA
Expires: Thu, 22 Jun 2017 02:13:18 GMT

GET
H/1.1

404
Not Found

js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js
www.dhlparcel.nl/sites/default/files/js/
Redirect Chain

http://www.dhlparcel.nl/sites/default/files/js/js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js
https://www.dhlparcel.nl/sites/default/files/js/js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js

0
0

70ms
22ms

Script
text/html

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dhlparcel.nl/sites/default/files/js/js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js
Requested by: Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: dhlparcel.nl
Software: nginx /
Resource Hash

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 355
Content-Type: text/html; charset=UTF-8

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
X-Content-Type-Options: nosniff
Server: nginx
Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Content-Type: text/html
Location: https://www.dhlparcel.nl/sites/default/files/js/js_1skC71C-maE_mjY6icwsa5kNHRJ7Xene_XRIpQXt398.js
Connection: keep-alive
X-DNS-Prefetch-Control: : off
Content-Length: 178
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js Show response
www.dhlparcel.nl/sites/default/files/js/
Redirect Chain

http://www.dhlparcel.nl/sites/default/files/js/js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js
https://www.dhlparcel.nl/sites/default/files/js/js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js

3 KB
1008 B

70ms
19ms

Script
text/javascript

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dhlparcel.nl/sites/default/files/js/js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

63afb7ba8085cfc4379d4ee9cc5eaa50ff8ccc4b8426626ddb46d3d3a0895032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 30 May 2017 11:27:15 GMT
Server: nginx
ETag: "2e1231-3f0-550bc15e5aac0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: text/javascript
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1008
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'
X-Content-Type-Options: nosniff
Server: nginx
Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Content-Type: text/html
Location: https://www.dhlparcel.nl/sites/default/files/js/js_Y6-3uoCFz8Q3nU7pzF6qUP-MzEuEJmJt20bT06CJUDI.js
Connection: keep-alive
X-DNS-Prefetch-Control: : off
Content-Length: 178
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

logo.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/logo.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/logo.png

2 KB
2 KB

15ms
15ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/logo.png

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

65cd638406f0f93c4242f5e5e0f9f1e8d11e0460c16101d045945b7845a0d937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 13 Aug 2015 05:11:58 GMT
Server: nginx
ETag: "3007ec-936-51d2a5fe18380"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 2358
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/logo.png
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK home_nieuwblok_icon.png
okkagroup.com.tr/sites/default/files/ 1 KB
0 107ms
63ms Image
text/html 212.58.6.95
DORUKNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://okkagroup.com.tr/sites/default/files/home_nieuwblok_icon.png
Requested by: Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
Protocol: HTTP/1.1
Server: 212.58.6.95 , Turkey, ASN8685 (DORUKNET, TR),
Reverse DNS: web67.webkontrol.doruk.net.tr
Software: Apache/2.2.3 (CentOS) / PHP/5.4.45, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2017 22:13:56 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.4.45, PleskLin
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

main-bg-spacer.svg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/main-bg-spacer.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/main-bg-spacer.svg

659 B
659 B

18ms
18ms

Image
image/svg+xml

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/main-bg-spacer.svg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

983d7e0f92e30a3a872a103407f9ea62ad9c30e099aae7b56eeefabed33b0e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Tue, 22 Apr 2014 14:51:47 GMT
Server: nginx
ETag: "300a0e-293-4f7a2c15246c0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 659
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/main-bg-spacer.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

logo.svg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/logo.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/logo.svg

2 KB
2 KB

17ms
17ms

Image
image/svg+xml

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/logo.svg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

3279c8c236dc11348dc36a3f74233ba804b3c32faf93353b989884e7a5fee7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Thu, 13 Aug 2015 05:11:58 GMT
Server: nginx
ETag: "300a0d-78d-51d2a5fe18380"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1933
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/logo.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

header_search.svg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_search.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_search.svg

801 B
801 B

19ms
18ms

Image
image/svg+xml

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_search.svg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

ebc2cc676d9558b20a745518e5ee074fafc2178a039426ece6b8b728c245cdf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Mon, 14 Apr 2014 10:33:40 GMT
Server: nginx
ETag: "300a0b-321-4f6fe377e6900"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 801
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_search.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

header_language_arrow.svg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_language_arrow.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_language_arrow.svg

642 B
642 B

16ms
15ms

Image
image/svg+xml

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_language_arrow.svg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

09cb3d166840f3a7aa69db1d8befd0bd99940e81086b3cedf5a943a92f7f26c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Apr 2014 10:08:54 GMT
Server: nginx
ETag: "30083a-282-4f6ad678e5980"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 642
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_language_arrow.svg
Non-Authoritative-Reason: HSTS

GET

FrutigerCondensedBQ-Roman.woff
www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.woff
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.woff

0
0

GET
H/1.1

200
OK

header_menu_arrow_sprite.svg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_menu_arrow_sprite.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_menu_arrow_sprite.svg

698 B
698 B

18ms
15ms

Image
image/svg+xml

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_menu_arrow_sprite.svg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

247deae86df1e1a1822cbab26ef68b29ab32af93d3a9e8298cd35c24b40a0696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Apr 2014 10:08:54 GMT
Server: nginx
ETag: "30083b-2ba-4f6ad678e5980"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 698
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/header_menu_arrow_sprite.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

home-bg-1.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-1.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-1.png

1 MB
1 MB

44ms
29ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-1.png

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

42214fa5d2b0194b02f8cf486ab62cc7a121c71d04825937dad540f9a0c3ee7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Wed, 30 Apr 2014 09:55:19 GMT
Server: nginx
ETag: "3009c7-139d81-4f83f8bcdefc0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1285505
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-1.png
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

clock.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/clock.png?1439381251
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/clock.png?1439381251

276 B
276 B

36ms
18ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/clock.png?1439381251

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

358de793f72166ce2c88f3b37c4208ae2212476ba1dbe725bf33f387593b4668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Apr 2014 11:58:07 GMT
Server: nginx
ETag: "30081b-114-4f7c88fec71c0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 276
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/clock.png?1439381251
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

sendpackage.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/sendpackage.png?1439381251
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/sendpackage.png?1439381251

721 B
721 B

33ms
16ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/sendpackage.png?1439381251

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

52b4f25e1d580bfaf28091e14d29ea5bc722c1e86cc231eea02dc3657012746a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Apr 2014 11:58:07 GMT
Server: nginx
ETag: "30082b-2d1-4f7c88fec71c0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 721
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/sendpackage.png?1439381251
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

offer.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/offer.png?1439381251
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/offer.png?1439381251

108 B
108 B

46ms
17ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/offer.png?1439381251

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

caf7c1ebe199cbfa3c1ab0312f2fa9083bb9018107017e676ab383e477b4df5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Thu, 24 Apr 2014 11:58:07 GMT
Server: nginx
ETag: "3009f7-6c-4f7c88fec71c0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 108
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/png/offer.png?1439381251
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

home-bg-2.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-2.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-2.png

186 KB
186 KB

47ms
31ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-2.png

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

fd7dc30fbb5427e6ad521b6c02249484926d426529704f67b60816ee9df68e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Tue, 21 Apr 2015 05:11:06 GMT
Server: nginx
ETag: "3009c8-2e6eb-5143512df4e80"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 190187
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-2.png
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

home-bg-4.jpg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-4.jpg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-4.jpg

30 KB
30 KB

40ms
39ms

Image
image/jpeg

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-4.jpg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

11d7a70fdf4e49061bfe58bfd34d823a4cfc286c422b79ec5361e9b49d4cd10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Apr 2015 05:11:06 GMT
Server: nginx
ETag: "300dcf-76cd-5143512df4e80"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 30413
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-4.jpg
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

home-bg-3.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-3.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-3.png

198 KB
198 KB

35ms
35ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-3.png

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

638c56b2237a1b088a2b3d255727c0745a9ca3bfa18718ad40181f329c611176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Tue, 21 Apr 2015 05:11:06 GMT
Server: nginx
ETag: "3009c9-3171e-5143512df4e80"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 202526
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/home-bg-3.png
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

footer_arrow_right_sprite.svg
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/footer_arrow_right_sprite.svg
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/footer_arrow_right_sprite.svg

708 B
708 B

15ms
15ms

Image
image/svg+xml

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/footer_arrow_right_sprite.svg

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

97535594ca02c12b282ae7d0bca9bc2922da7e5b8c17611cc7100036fea2253a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Thu, 10 Apr 2014 13:20:47 GMT
Server: nginx
ETag: "300a07-2c4-4f6b015c8c9c0"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 708
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/svg/footer_arrow_right_sprite.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

dhl-footer-logo.png
www.dhlparcel.nl/sites/all/themes/dhlparcel/images/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/dhl-footer-logo.png
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/dhl-footer-logo.png

3 KB
3 KB

15ms
15ms

Image
image/png

77.72.150.147
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/dhl-footer-logo.png

Requested by

Host: okkagroup.com.tr
URL: http://okkagroup.com.tr/uploads/files/DHL.php?email=abuse@bartlesvillephysicalrehab.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.72.150.147 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

dhlparcel.nl

Software

nginx /

Resource Hash

d98e5a252561f0711b74fedb75fcbbe782436b4903ccb77defeb63fb21dfa9dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM salesforce.com, ALLOW-FROM force.com

Request headers

Referer: http://www.geocities.ws/34sed/css_hwvhCitl9c6wQeFfyPf-lOg7R0-MCRM5qdK605ZWJRc.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date: Wed, 21 Jun 2017 22:13:18 GMT
Last-Modified: Thu, 13 Aug 2015 05:11:58 GMT
Server: nginx
ETag: "3009c5-a6c-51d2a5fe18380"
X-Frame-Options: ALLOW-FROM salesforce.com, ALLOW-FROM force.com
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=1209600
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 2668
Expires: Wed, 05 Jul 2017 22:13:18 GMT

Redirect headers

Location: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/images/dhl-footer-logo.png
Non-Authoritative-Reason: HSTS

GET

FrutigerCondensedBQ-Roman.ttf
www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/
Redirect Chain

http://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.ttf
https://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.ttf

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dhlparcel.nl
URL: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.woff

Domain: www.dhlparcel.nl
URL: https://www.dhlparcel.nl/sites/all/themes/dhlparcel/css/fonts/FrutigerCondensedBQ-Roman.ttf

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			okkagroup.com.tr/	1970-01-01 00:00:00	Name: PHPSESSID Value: ur1tssph92l0nsiq9kg9nciri7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

okkagroup.com.tr
www.dhlparcel.nl
www.geocities.ws
www.dhlparcel.nl
104.27.27.76
212.58.6.95
77.72.150.147
09cb3d166840f3a7aa69db1d8befd0bd99940e81086b3cedf5a943a92f7f26c4
11d7a70fdf4e49061bfe58bfd34d823a4cfc286c422b79ec5361e9b49d4cd10a
247deae86df1e1a1822cbab26ef68b29ab32af93d3a9e8298cd35c24b40a0696
3279c8c236dc11348dc36a3f74233ba804b3c32faf93353b989884e7a5fee7a5
358de793f72166ce2c88f3b37c4208ae2212476ba1dbe725bf33f387593b4668
3878afb7cc08fc4ca2b7a26b23b1755e413cbb87ed12ef5438efb4b53341c3ed
42214fa5d2b0194b02f8cf486ab62cc7a121c71d04825937dad540f9a0c3ee7f
46971fa2bc58091704b70a42960b5322cc2c1744cb0b7f8853038fbae23a5bbb
52b4f25e1d580bfaf28091e14d29ea5bc722c1e86cc231eea02dc3657012746a
638c56b2237a1b088a2b3d255727c0745a9ca3bfa18718ad40181f329c611176
63afb7ba8085cfc4379d4ee9cc5eaa50ff8ccc4b8426626ddb46d3d3a0895032
65cd638406f0f93c4242f5e5e0f9f1e8d11e0460c16101d045945b7845a0d937
97535594ca02c12b282ae7d0bca9bc2922da7e5b8c17611cc7100036fea2253a
983d7e0f92e30a3a872a103407f9ea62ad9c30e099aae7b56eeefabed33b0e46
caf7c1ebe199cbfa3c1ab0312f2fa9083bb9018107017e676ab383e477b4df5f
d98e5a252561f0711b74fedb75fcbbe782436b4903ccb77defeb63fb21dfa9dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc2cc676d9558b20a745518e5ee074fafc2178a039426ece6b8b728c245cdf6
fd7dc30fbb5427e6ad521b6c02249484926d426529704f67b60816ee9df68e84

okkagroup.com.tr Open in urlscan Pro 212.58.6.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

24 Requests

79 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1713 kBTransfer

1814 kBSize

1 Cookies

1 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

okkagroup.com.tr Open in urlscan Pro
212.58.6.95 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1713 kB
Transfer

1814 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions