ziraat-mobilavantaj87.xyz Open in urlscan Pro
154.216.20.140  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ziraat-mobilavantaj87.xyz/	17 KB 5 KB	739ms 170ms	Document text/html	154.216.20.140 NETRESEARCH Silen...
General Check archive.org Show headers Download Go to Full URL https://ziraat-mobilavantaj87.xyz/?u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.216.20.140 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB), Reverse DNS Software LiteSpeed / PHP/8.3.14 PleskLin Resource Hash 8fbb30a663bc17b4a96592fd60efde9ba0cd4323457af95cc7b78994a44a0716 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-length 4486 content-type text/html; charset=UTF-8 date Fri, 03 Jan 2025 15:45:04 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.3.14 PleskLin
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	176ms 57ms	Script text/javascript	2607:f8b0:400d:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj87.xyz/ Response headers content-encoding gzip age 516012 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Sun, 28 Dec 2025 16:24:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 28 Dec 2024 16:24:52 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 30399 x-xss-protection 0 server sffe
GET H2	200	bootstrap-icons.css cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/	96 KB 14 KB	98ms 29ms	Stylesheet text/css	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://ziraat-mobilavantaj87.xyz Referer https://ziraat-mobilavantaj87.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"17fcf-G+wTgIPTsn/2h6nUG4C3l88gtwk" age 3772695 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Fri, 03 Jan 2025 15:45:04 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-eddf8230023-FRA, cache-mia-kmia1760080-MIA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 13601 x-jsd-version 1.11.1
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/	152 KB 20 KB	102ms 33ms	Stylesheet text/css	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://ziraat-mobilavantaj87.xyz Referer https://ziraat-mobilavantaj87.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" age 3315070 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Fri, 03 Jan 2025 15:45:04 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-eddf8230097-FRA, cache-mia-kmia1760080-MIA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 20016 x-jsd-version 5.0.2
GET H3	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/	28 KB 7 KB	82ms 43ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj87.xyz/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "89916fa773ce96569604016ef25cab50" age 720991 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 03 Jan 2025 15:45:04 GMT last-modified Mon, 25 Jan 2021 22:04:54 GMT content-type text/css; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 12/21/2024 13:35:07 cdn-requestpullcode 200 priority u=0,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 1 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid d85e51c304b471e1feb46c8db85dad40 cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.07 cf-ray 8fc41d217fc0a578-MIA access-control-allow-origin * cdn-edgestorageid 1210 server cloudflare cdn-requestcountrycode US
GET H3	200	bootstrap.bundle.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	69 KB 21 KB	89ms 49ms	Script application/javascript	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.bundle.min.js Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj87.xyz/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "ef58fee438cd2da2c3b33ff6f1cfeebf" age 2519770 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 03 Jan 2025 15:45:04 GMT last-modified Mon, 25 Jan 2021 22:04:06 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 11/20/2024 17:01:52 cdn-requestpullcode 200 priority u=1,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid c4c2394b5daef406133bcd5c8b090628 cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.06 cf-ray 8fc41d217f9ca4ec-MIA access-control-allow-origin * cdn-edgestorageid 976 server cloudflare cdn-requestcountrycode US
GET H3	200	jquery.mask.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/	23 KB 5 KB	94ms 52ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.js Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj87.xyz/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03ec3-5a58" age 444689 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQTp8kSU5TTgJiIi1%2BLMy1lsI9TtoVFPO32gNrPbP%2Bsm%2BxnRDMW6A7nE6FL546N%2FIeLIDtI8dKLA2N7G2fm%2Bo6iDKJtmC0R9X2ZGt61WLULmmBqGbD06LoqHxWn1W71IIeodDf%2FU"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 24 Dec 2025 15:45:04 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 03 Jan 2025 15:45:04 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 May 2020 16:11:47 GMT vary Accept-Encoding priority u=1,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8fc41d217bac74a2-MIA accept-ranges bytes access-control-allow-origin * content-length 4938 server cloudflare
GET H3	200	nftx3pu.PNG i.hizliresim.com/	30 KB 31 KB	131ms 44ms	Image image/jpeg	172.67.154.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.hizliresim.com/nftx3pu.PNG Requested by Host: ziraat-mobilavantaj87.xyz URL: https://ziraat-mobilavantaj87.xyz/?u Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.131 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1822d9787fd9131004d5025c6eba163481bde41c482ea923bb6b3f57e2ee8ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj87.xyz/ Response headers cf-cache-status HIT etag "9d2b39426efe1784e57b9c1921b8a5af" age 4461 x-wasabi-cm-reference-id 1734939837081 38.27.106.126 ConID:826030380/EngineConID:7884564/Core:67 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIDC6M6d1dhevVaS3y3l%2FZ9PYd70lpN%2BTBDPqWAYTPY6V2ABQxGvCfEA%2B0ssZvAMJc8qhOdyzVu5iDZq8u7gyHIeQIHKghb%2Buw6s7xVgqnepUu25VUDserf1Wf9rqXF%2FvBab"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29105&min_rtt=29038&rtt_var=10937&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4321&delivery_rate=96529&cwnd=12000&unsent_bytes=0&cid=2987e84531a9ee98&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 03 Jan 2025 15:45:04 GMT content-type image/jpeg last-modified Mon, 15 Jul 2024 22:25:14 GMT vary Accept-Encoding priority u=2,i x-amz-id-2 vXhZ9ETOy4/YLSyWf4DFVJY9+7a/0LGmDIyLLGyOyTcva9PlDPZYmGDLY4J+6ugE7d5WNd3JUotX strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 4A3E2AC227C3BD0F:A cf-ray 8fc41d21ce94d9cd-MIA accept-ranges bytes content-length 30758 server cloudflare
GET H2	404	favicon.ico ziraat-mobilavantaj87.xyz/	808 B 466 B	167ms 165ms	Other text/html	154.216.20.140 NETRESEARCH Silen...
General Check archive.org Show headers Download Go to Full URL https://ziraat-mobilavantaj87.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.216.20.140 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB), Reverse DNS Software LiteSpeed / PleskLin Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj87.xyz/?u Response headers content-encoding br etag "328-66fdb699-976819dd8f7d3d14;br" accept-ranges bytes content-length 369 date Fri, 03 Jan 2025 15:45:04 GMT content-type text/html last-modified Wed, 02 Oct 2024 21:09:45 GMT vary Accept-Encoding server LiteSpeed x-powered-by PleskLin

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| login object| password object| nextPage object| form1 object| form2 object| sendData function| isValidTCKN function| check function| check4 function| check6 function| valid_credit_card function| check2 function| postwith

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ziraat-mobilavantaj87.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: acnj9loirli0u9b7eu8fsllo97

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ziraat-mobilavantaj87.xyz/?u Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://ziraat-mobilavantaj87.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
i.hizliresim.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
ziraat-mobilavantaj87.xyz
104.17.24.14
104.18.10.207
104.18.11.207
154.216.20.140
172.67.154.131
2607:f8b0:400d:c09::5f
2a04:4e42::485
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
8fbb30a663bc17b4a96592fd60efde9ba0cd4323457af95cc7b78994a44a0716
a1822d9787fd9131004d5025c6eba163481bde41c482ea923bb6b3f57e2ee8ef
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48