Submitted URL: https://t.co/hbTvNybl84
Effective URL: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Submission: On November 14 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 45.151.249.208, located in Izmir, Turkey and belongs to VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR. The main domain is en.maraltours.com.
TLS certificate: Issued by R3 on October 27th 2022. Valid for: 3 months.
This is the only time en.maraltours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
1 1 13.76.85.56 8075 (MICROSOFT...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 45.151.249.208 209853 (VERIDYEN ...)
5 2
Apex Domain        Subdomains                          Transfer
4 maraltours.com   en.maraltours.com                   65 KB
1 owsm.ly          owsm.ly                             734 B
1 yam.com          s.yam.com                           294 B
1 t.co             t.co — Cisco Umbrella Rank: 475     552 B
5 4
Domain                 Requested by
4 en.maraltours.com    t.co, en.maraltours.com
1 owsm.ly              1 redirects
1 s.yam.com            1 redirects
1 t.co
5 4

This site contains no links.

Subject             Issuer                                     Validity                  Valid
t.co                DigiCert TLS Hybrid ECC SHA384 2020 CA1    2022-03-07 - 2023-03-06   a year
en.maraltours.com   R3                                         2022-10-27 - 2023-01-25   3 months

This page contains 1 frames:

Primary Page: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Frame ID: 6073BE5D9AD859B1F51F4FBFB92981F0
Requests: 5 HTTP requests in this frame

Page Title

Document

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

  • Requests: 5
  • HTTPS: 100 %
  • IPv6: 25 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 2
  • Countries: 3
  • Transfer: 65 kB
  • Size: 141 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/hbTvNybl84 Page URL
  2. https://s.yam.com/9nEM1?gdgdgd HTTP 302
    https://owsm.ly/nVmBwTLR6f?gdgdgd HTTP 301
    https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Resource: hbTvNybl84
Path: t.co/
Size: 245 B
x-fer: 552 B
Type: Document
General
Full URL: https://t.co/hbTvNybl84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS:
Software: tsa_o /
Resource Hash:
Security Headers
Strict-Transport-Security: max-age=0
X-Xss-Protection: 0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 179
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 20:04:47 GMT
expires: Mon, 14 Nov 2022 20:09:47 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: e3a9c4f03fa617681a523cbf61aa78ebbe6398a0d4a6acd93b68db381e7f6265
x-response-time: 114
x-transaction-id: b11246e9de913e76
x-xss-protection: 0

Primary Request /
Path: en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Redirect Chain
  • https://s.yam.com/9nEM1?gdgdgd
  • https://owsm.ly/nVmBwTLR6f?gdgdgd
  • https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Size: 389 B
x-fer: 678 B
Type: Document
General
Full URL: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Requested by
Host: t.co
URL: https://t.co/hbTvNybl84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.208 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: novus.veridyen.com
Software: /
Resource Hash: ea771cbf42a69918c0f50d76bf7b318ea505715f81dcd60e6b264967ea488793

Request headers

Referer: https://t.co/hbTvNybl84
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 280
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 20:04:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding

Redirect headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76a25bbca805902a-FRA
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 20:04:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doG4UlfeAbA76Ndbc5uIBpjWLmj81kStzHeEAeOXEkdXDp%2BEusZ%2BQuG%2FOYRIrPBflAELjLAebfzunZPbOWta1X4Rxi1DsXYtMvAKwv6A%2BqNpvTSag%2ByM444Zoxq8k4OpEJj22eQK"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Resource: captcha.js
Path: en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/assets/js/
Size: 118 KB
x-fer: 41 KB
Type: Script
General
Full URL: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/assets/js/captcha.js
Requested by
Host: en.maraltours.com
URL: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.208 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: novus.veridyen.com
Software: /
Resource Hash: 6f7d1dc4867c2df3a57e5ab46e45d755e11eee0abbefa53a22e56219fcd89c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:04:49 GMT
content-encoding: br
last-modified: Mon, 14 Nov 2022 00:14:50 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42045
expires: Mon, 21 Nov 2022 20:04:49 GMT

Resource: captcha.png
Path: en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Size: 5 KB
x-fer: 5 KB
Type: Image
General
Full URL: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/captcha.png?_1668456291975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.208 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: novus.veridyen.com
Software: /
Resource Hash: 7b23dccb3fb8dc2935c7ff0b2fd1c00ddd46b5e10092919c3c6b76f90944c462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Mon, 14 Nov 2022 20:04:51 GMT
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

Resource: 2134651.png
Path: en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
Size: 17 KB
x-fer: 17 KB
Type: Image
General
Full URL: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/2134651.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.151.249.208 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: novus.veridyen.com
Software: /
Resource Hash: 8d1cee41c4e9c9e02bf8bb1a9f0fb4949d799017113518380fcff3927ba70fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.maraltours.com/wp-includes/images/media/newrepnceo/newrepnceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/png
date: Mon, 14 Nov 2022 20:04:51 GMT
cache-control: public, max-age=604800
last-modified: Mon, 14 Nov 2022 00:14:51 GMT
accept-ranges: bytes
content-length: 17754
expires: Mon, 21 Nov 2022 20:04:51 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setImmediate
function| clearImmediate
function| Vue

4 Cookies

Domain/Path          Name / Value
owsm.ly/user/        Name: PHPSESSID, Value: 1dd325c723c6e0ab902bb61c2d848420
.t.co/               Name: muc, Value: 5471972e-20f5-4019-8678-08cb4bfcaa4a
owsm.ly/             Name: s_statistics_6545, Value: 0
en.maraltours.com/   Name: cazanova, Value: 1463b9f63bf221464526c9357c51d847c6f92d98

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0