meri.cicekcimiz.shop Open in urlscan Pro
172.67.192.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://meri.cicekcimiz.shop/
Submission Tags: @phish_report
Submission: On December 10 via api (December 10th 2024, 12:10:36 pm UTC) from FI — Scanned from FI

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 172.67.192.85, located in United States and belongs to CLOUDFLARENET, US. The main domain is meri.cicekcimiz.shop.
TLS certificate: Issued by WE1 on October 16th 2024. Valid for: 3 months.

This is the only time meri.cicekcimiz.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.67.192.85 172.67.192.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.133.187 172.67.133.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.21.34.234 23.21.34.234	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
10	6

3 172.67.192.85 (United States)

ASN13335 (CLOUDFLARENET, US)

meri.cicekcimiz.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

i.resm.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.133.187 (United States)

ASN13335 (CLOUDFLARENET, US)

webbis.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.34.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-34-234.compute-1.amazonaws.com

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cicekcimiz.shop meri.cicekcimiz.shop	6 KB
2	resm.im i.resm.im	394 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	90 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	placeholder.com via.placeholder.com — Cisco Umbrella Rank: 35599	3 KB
1	webbis.site webbis.site	75 KB
10	6

	Domain	Requested by
3	meri.cicekcimiz.shop	meri.cicekcimiz.shop
2	i.resm.im	meri.cicekcimiz.shop
2	www.googletagmanager.com	meri.cicekcimiz.shop www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	via.placeholder.com	meri.cicekcimiz.shop
1	webbis.site	meri.cicekcimiz.shop
10	6

This site contains links to these domains. Also see Links.

Domain
wa.me

Subject Issuer	Validity	Valid
cicekcimiz.shop WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
resm.im WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
webbis.site WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
placeholder.com Amazon RSA 2048 M02	`2024-11-26` - `2025-12-26`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://meri.cicekcimiz.shop/
Frame ID: 3D0815126628044C4504DB1A3156673C
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fmeri.cicekcimiz.shop
Frame ID: C25476F2BDC6E6C2E1CA66C1CAE4180E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proxy Şirketi

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

10
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

568 kB
Transfer

729 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/message/BU55TTOAGBJGN1
Title: Bize WhatsApp'tan Ulaşın!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
meri.cicekcimiz.shop/ 8 KB
3 KB 247ms
182ms Document
text/html 172.67.192.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meri.cicekcimiz.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7b9a759e8b96d62e7279f1dd9be9d9780981df2009635746cbb7d4bbb01e956d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8efd21df0e93b51d-OSL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 10 Dec 2024 12:10:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrV73j9dpWIIWiow3IPs3zgX5iGXwl5h2m71PMRSzaQLzUGD0hfoxjBtgC8N%2FrC%2FUPCZ%2BcrWbHxRdbrfUIsa0faR5M0p%2Bn2A4Qow%2BMzTDExs%2Bv5nLhtHGD0BpjhoSWtvohFHVolTsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=47083&min_rtt=46916&rtt_var=7669&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4488&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=95df91b5b5096145&ts=185&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
90 KB 227ms
83ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16809570305

Requested by

Host: meri.cicekcimiz.shop
URL: https://meri.cicekcimiz.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36ba077a460fd165274681c30a8dfd4c9220ac87bdb01d058fabe01769175714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 10 Dec 2024 12:10:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 12:10:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91272
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 N2kNyHF.png
i.resm.im/ 106 KB
106 KB 217ms
112ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.resm.im/N2kNyHF.png
Requested by: Host: meri.cicekcimiz.shop
URL: https://meri.cicekcimiz.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 439181c7fb38a9803b29e80ea50016cdaf62284d4b2ba4a5e5b75df8ca3185f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

cf-cache-status: DYNAMIC
etag: W/"1a6ae-19396b3827c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3VvgeGrK2o%2FEEkKTF%2Bn3yRA3VTO29j3K9DYfgtQfgWqShkRpm2lJ%2FPoZbUxAJRnuj7pKLeuBFNqXDV4Q%2FIleV8Ire7qxBmXH5w94N2%2FI3BC%2Fg44lNg%2BjGnUKz0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47910&min_rtt=46743&rtt_var=10553&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4746&delivery_rate=13584&cwnd=12000&unsent_bytes=0&cid=7f2e427e7f67a5bb&ts=126&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 10 Dec 2024 12:10:32 GMT
content-type: image/png
vary: Origin, Accept-Encoding
last-modified: Thu, 05 Dec 2024 12:02:47 GMT
priority: u=1,i
cache-control: public, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8efd21e0ebc31c12-OSL
accept-ranges: bytes
access-control-allow-origin: https://resm.im
content-length: 108206
x-powered-by: Express
server: cloudflare

GET
H3 200 Yun2haM.png
i.resm.im/ 287 KB
288 KB 263ms
158ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.resm.im/Yun2haM.png
Requested by: Host: meri.cicekcimiz.shop
URL: https://meri.cicekcimiz.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cdc7c05919237926e97dd8160d1ab5cfb3c609d662b4e7c16f57f0d1ead758c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

cf-cache-status: DYNAMIC
etag: W/"47c3f-19396b41974"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5y09IkO8l0IM7sTN6W4KfLDfqf4Kg1OaR2AHeK1V7HZdqYEZ8234uKslkPOxcmlO5WJqPM%2FcVxOpVlfuZ5kIVsTOCgAESzriuTbNKUJJA9ehoV6pQS100zfiIcc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47910&min_rtt=46743&rtt_var=10553&sent=21&recv=10&lost=0&retrans=0&sent_bytes=16136&recv_bytes=4746&delivery_rate=13584&cwnd=12000&unsent_bytes=0&cid=7f2e427e7f67a5bb&ts=127&x=1", cfExtPri, cfHdrFlush;dur=46
date: Tue, 10 Dec 2024 12:10:32 GMT
content-type: image/png
vary: Origin, Accept-Encoding
last-modified: Thu, 05 Dec 2024 12:03:25 GMT
priority: u=1,i
cache-control: public, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8efd21e0ebc11c12-OSL
accept-ranges: bytes
access-control-allow-origin: https://resm.im
content-length: 293951
x-powered-by: Express
server: cloudflare

GET
H3 200 image-9.png
webbis.site/wp-content/uploads/2024/11/ 74 KB
75 KB 394ms
298ms Image
image/png 172.67.133.187
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webbis.site/wp-content/uploads/2024/11/image-9.png
Requested by: Host: meri.cicekcimiz.shop
URL: https://meri.cicekcimiz.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.187 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6282f0ce1847192ba135bc22b4cae3a011a99e37b928a1ac99718754c3701ccd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idSEYZP%2Flr6JX4KFXIkI7Hm%2B9gPxp9BqVljN56yfYda1wqZeadqwYnbYnGLPgEquRnflrQ6lf4J7t0r8n%2Bsl40QxJkOE7m7GFxs%2F3WVzQaND6dtdsSCf3%2F7oCaNdjw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 17 Dec 2024 12:10:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46931&min_rtt=46677&rtt_var=7608&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4155&recv_bytes=4468&delivery_rate=386&cwnd=12000&unsent_bytes=0&cid=8086ce30ac3d330c&ts=307&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 10 Dec 2024 12:10:32 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 15:51:55 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8efd21e0e921569d-OSL
accept-ranges: bytes
content-length: 76238
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 300
via.placeholder.com/ 2 KB
3 KB 504ms
215ms Image
image/png 23.21.34.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/300
Requested by: Host: meri.cicekcimiz.shop
URL: https://meri.cicekcimiz.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.34.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-34-234.compute-1.amazonaws.com
Software: Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash: 48f4519be70071334ebfc4fca36129277cf93759e5d31df22fc6002bbe772957

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

cache-control: public, max-age=31557600
content-length: 2555
date: Tue, 10 Dec 2024 12:10:32 GMT
content-type: image/png
server: Werkzeug/2.2.2 Python/3.9.16

GET
H3 200 email-decode.min.js Show response
meri.cicekcimiz.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 52ms
52ms Script
application/javascript 172.67.192.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meri.cicekcimiz.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: meri.cicekcimiz.shop
URL: https://meri.cicekcimiz.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.192.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQtHWikdRvbx25OclFYfgNOhZZKHustaXZzk3zqTuavxe9BtDsphU8OTR%2BgtVzsq8U0Hb5%2B3ism9J42ojEWpBkMzjcab0t10VbKgHtBxVvu5x3kscaseZvA5Of76XDBLTzDRRHTCmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8efd21e0486ab51d-OSL
expires: Thu, 12 Dec 2024 12:10:32 GMT
date: Tue, 10 Dec 2024 12:10:32 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
server: cloudflare
vary: Accept-Encoding

POST
H3 200 collect
www.google.com/ccm/ 0
0 205ms
74ms Ping
text/plain 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fmeri.cicekcimiz.shop%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=868164861.1733832633&auid=207089171.1733832633&npa=1&gtm=45be4c90za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&tft=1733832632723&tfd=646&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16809570305
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame C254 0
0 206ms
72ms Document
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fmeri.cicekcimiz.shop

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16809570305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 12:10:32 GMT
expires: Wed, 10 Dec 2025 12:10:32 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 404 favicon.ico
meri.cicekcimiz.shop/ 1 KB
1 KB 155ms
155ms Other
text/html 172.67.192.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meri.cicekcimiz.shop/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://meri.cicekcimiz.shop/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVCbD0huPxj5r0XODleNiUXW%2FwuqGT%2BNkqUnzkPyW%2FuqlMnwys4c933sd5P2Tf%2B%2Bsk7wfr46waP6ac4Jlsb9XuAUYKYf%2F2DSF%2Fq7ekrfkvEHow2oY0DVTupFtRY%2BKIOCt0LFc%2FhSog%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8efd21e41ce4b51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47470&min_rtt=46916&rtt_var=3956&sent=17&recv=14&lost=0&retrans=0&sent_bytes=8878&recv_bytes=5286&delivery_rate=15224&cwnd=12000&unsent_bytes=0&cid=95df91b5b5096145&ts=966&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 10 Dec 2024 12:10:33 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cicekcimiz.shop/	1970-01-21 03:46:48	Name: _gcl_au Value: 1.1.207089171.1733832633

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://meri.cicekcimiz.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.resm.im
meri.cicekcimiz.shop
via.placeholder.com
webbis.site
www.google.com
www.googletagmanager.com
142.250.185.196
172.67.133.187
172.67.192.85
188.114.97.3
23.21.34.234
2a00:1450:4001:811::2008
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
36ba077a460fd165274681c30a8dfd4c9220ac87bdb01d058fabe01769175714
439181c7fb38a9803b29e80ea50016cdaf62284d4b2ba4a5e5b75df8ca3185f3
48f4519be70071334ebfc4fca36129277cf93759e5d31df22fc6002bbe772957
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
6282f0ce1847192ba135bc22b4cae3a011a99e37b928a1ac99718754c3701ccd
7b9a759e8b96d62e7279f1dd9be9d9780981df2009635746cbb7d4bbb01e956d
cdc7c05919237926e97dd8160d1ab5cfb3c609d662b4e7c16f57f0d1ead758c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

meri.cicekcimiz.shop Open in urlscan Pro 172.67.192.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

568 kBTransfer

729 kBSize

1 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

meri.cicekcimiz.shop Open in urlscan Pro
172.67.192.85 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

568 kB
Transfer

729 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions