176.40.40.132 Open in urlscan Pro
176.40.40.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Submission: On July 21 via api (July 21st 2020, 9:30:45 am UTC) from TW

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 176.40.40.132, located in Adana, Turkey and belongs to TELLCOM-AS, TR. The main domain is 176.40.40.132.

This is the only time 176.40.40.132 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	176.40.40.132 176.40.40.132	34984 (TELLCOM-AS) (TELLCOM-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
8	3

6 176.40.40.132 (Adana, Turkey)

ASN34984 (TELLCOM-AS, TR)

176.40.40.132	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	jquery.com code.jquery.com	71 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	18 KB
8	2

	Domain	Requested by
1	code.jquery.com	176.40.40.132
1	maxcdn.bootstrapcdn.com	176.40.40.132
8	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Frame ID: 697EEF01DFABBBB378710F7B9E23C0A2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Page Statistics

8
Requests

0 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

835 kB
Transfer

1098 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set login.asp Show response
176.40.40.132/takip2/ 4 KB
4 KB 168ms
155ms Document
text/html 176.40.40.132
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 176.40.40.132 Adana, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 919258c68b937cc723c70d5c89784b50bd5621f7492a6dd7ff84d1f1a19f8b55

Request headers

Host: 176.40.40.132
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; Charset=UTF-8
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDCACTTTSR=OPNHLFKCFHNHDLFJFDKFIFKP; path=/
Date: Tue, 21 Jul 2020 09:30:22 GMT
Content-Length: 4272

GET
H/1.1 200
OK login-style.css
176.40.40.132/takip2/css/ 10 KB
3 KB 81ms
80ms Stylesheet
text/css 176.40.40.132
TELLCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://176.40.40.132/takip2/css/login-style.css
Requested by: Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 176.40.40.132 Adana, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 1ca7e082e992ce979eb67514e8faa9b96f7843cce1acb4c35275d201bc466fa7

Request headers

Referer: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 09:30:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Aug 2019 07:19:15 GMT
Server: Microsoft-IIS/8.5
ETag: "809be685e56d51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2631

GET
H/1.1 200
OK bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
18 KB 12ms
6ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css

Requested by

Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 09:30:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:34:06 GMT
ETag: "1544639646"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 18137

GET
H/1.1 200
OK jquery-2.1.0.js Show response
code.jquery.com/ 239 KB
71 KB 13ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-2.1.0.js
Requested by: Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fa7752926a95e3ab6b5f67a21ef40628ce4447c81ddf4f6cacf663b6fb85af7

Request headers

Referer: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 09:30:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: "54499a47-3bce3"
Vary: Accept-Encoding
X-HW: 1595323824.dop161.fr8.t,1595323824.cds002.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 72211

GET
H/1.1 200
OK giris-izmatiklogo.png
176.40.40.132/takip2/images/bayilogo/ 37 KB
38 KB 159ms
146ms Image
image/png 176.40.40.132
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://176.40.40.132/takip2/images/bayilogo/giris-izmatiklogo.png
Requested by: Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 176.40.40.132 Adana, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 4a6f14c12b065ea3a1a3d62661b0216a5a46c2abf3891d411d728722240566df

Request headers

Referer: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 09:30:23 GMT
Last-Modified: Mon, 30 Jun 2014 12:56:31 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "87f231b76294cf1:0"
Content-Length: 38232
Content-Type: image/png

GET
H/1.1 200
OK captcha.asp
176.40.40.132/takip2/utils/ 3 KB
4 KB 168ms
168ms Image
image/bmp 176.40.40.132
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://176.40.40.132/takip2/utils/captcha.asp
Requested by: Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 176.40.40.132 Adana, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d82c6007c4d3cfd13349c45edcd944482dc88fa5012124f10f8311b73fec54cd

Request headers

Referer: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Jul 2020 09:30:23 GMT
Server: Microsoft-IIS/8.5
Content-Type: image/bmp
Cache-Control: no-cache
Content-Disposition: inline; filename=captcha.bmp
Connection: close
Expires: Tue, 21 Jul 2020 09:29:23 GMT

GET
H/1.1 200
OK android.png
176.40.40.132/takip2/images/ 16 KB
16 KB 161ms
148ms Image
image/png 176.40.40.132
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://176.40.40.132/takip2/images/android.png
Requested by: Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 176.40.40.132 Adana, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 7b8ec067b0f389c0f901c5f19decaf7872dc566899bfb1c84a44ae1c6de26f00

Request headers

Referer: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 09:30:23 GMT
Last-Modified: Wed, 11 Sep 2019 15:10:09 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "94fb800b368d51:0"
Content-Length: 16096
Content-Type: image/png

GET
H/1.1 200
OK bg_new.jpg
176.40.40.132/takip2/images/login/ 681 KB
682 KB 177ms
164ms Image
image/jpeg 176.40.40.132
TELLCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://176.40.40.132/takip2/images/login/bg_new.jpg
Requested by: Host: 176.40.40.132
URL: http://176.40.40.132/takip2/login.asp?19216803101020191054395340
Protocol: HTTP/1.1
Server: 176.40.40.132 Adana, Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e944b682504b091fe7f4af5bbbe302d5cea66dbc8213afcb36a221c5e9bad409

Request headers

Referer: http://176.40.40.132/takip2/css/login-style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 09:30:23 GMT
Last-Modified: Sat, 16 Jul 2016 10:00:49 GMT
Server: Microsoft-IIS/8.5
Accept-Ranges: bytes
ETag: "7caef6ed48dfd11:0"
Content-Length: 697849
Content-Type: image/jpeg

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| hideURLbar function| $ function| jQuery function| RefreshImage

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			176.40.40.132/	1969-12-31 23:59:59	Name: ASPSESSIONIDCACTTTSR Value: OPNHLFKCFHNHDLFJFDKFIFKP

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
maxcdn.bootstrapcdn.com
176.40.40.132
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
0fa7752926a95e3ab6b5f67a21ef40628ce4447c81ddf4f6cacf663b6fb85af7
1ca7e082e992ce979eb67514e8faa9b96f7843cce1acb4c35275d201bc466fa7
4a6f14c12b065ea3a1a3d62661b0216a5a46c2abf3891d411d728722240566df
7b8ec067b0f389c0f901c5f19decaf7872dc566899bfb1c84a44ae1c6de26f00
919258c68b937cc723c70d5c89784b50bd5621f7492a6dd7ff84d1f1a19f8b55
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
d82c6007c4d3cfd13349c45edcd944482dc88fa5012124f10f8311b73fec54cd
e944b682504b091fe7f4af5bbbe302d5cea66dbc8213afcb36a221c5e9bad409

176.40.40.132 Open in urlscan Pro 176.40.40.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

835 kBTransfer

1098 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

176.40.40.132 Open in urlscan Pro
176.40.40.132 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

835 kB
Transfer

1098 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions