d2lwxqei0cv44.cloudfront.net Open in urlscan Pro
2600:9000:2305:e200:16:a7c4:2100:93a1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://d2lwxqei0cv44.cloudfront.net/
Effective URL:
https://d2lwxqei0cv44.cloudfront.net/
Submission: On August 08 via manual (August 8th 2024, 2:42:51 pm UTC) from TR — Scanned from US

Summary HTTP 133 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 11 domains to perform 133 HTTP transactions. The main IP is 2600:9000:2305:e200:16:a7c4:2100:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d2lwxqei0cv44.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d2lwxqei0cv44.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: A101 (Retail)

Domain & IP information

	IP Address	AS Autonomous System
48	2600:9000:230... 2600:9000:2305:e200:16:a7c4:2100:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:247... 2600:9000:2479:2000:8:bf12:1b40:21	16509 (AMAZON-02) (AMAZON-02)
5	23.251.107.37 23.251.107.37	21859 (ZEN-ECN) (ZEN-ECN)
18	98.96.201.213 98.96.201.213	21859 (ZEN-ECN) (ZEN-ECN)
2	2606:4700:20:... 2606:4700:20::ac43:4913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
11	2600:9000:250... 2600:9000:2508:c000:1d:f5d6:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
2	2600:1408:ec0... 2600:1408:ec00:b::1730:cbb1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	209.85.201.154 209.85.201.154	15169 (GOOGLE) (GOOGLE)
2	2a10:9440:1:1... 2a10:9440:1:11::4	42216 (NETVISER ...) (NETVISER WWW.INTERNETSAHIBI.NET)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700:20:... 2606:4700:20::681a:4d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::8b	15169 (GOOGLE) (GOOGLE)
1	2600:1408:ec0... 2600:1408:ec00:286::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1408:ec0... 2600:1408:ec00:288::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:400d:c00::5f	15169 (GOOGLE) (GOOGLE)
2	172.217.222.95 172.217.222.95	15169 (GOOGLE) (GOOGLE)
133	23

48 2600:9000:2305:e200:16:a7c4:2100:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2lwxqei0cv44.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2479:2000:8:bf12:1b40:21 (United States)

ASN16509 (AMAZON-02, US)

dq19r96s0yq25.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.251.107.37 (Chicago, United States)

ASN21859 (ZEN-ECN, US)

cdn2-test.a101.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 98.96.201.213 (United States)

ASN21859 (ZEN-ECN, US)

api-bp.a101test.retter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rio-test.a101.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.a101.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4913 (United States)

ASN13335 (CLOUDFLARENET, US)

collector.wawlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2508:c000:1d:f5d6:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.a101test.retter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:ec00:b::1730:cbb1 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a10:9440:1:11::4 (Turkey)

ASN42216 (NETVISER WWW.INTERNETSAHIBI.NET, TR)

signals.a101.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:4d3 (United States)

ASN13335 (CLOUDFLARENET, US)

a101-ecom.wawlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::8b (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:286::f09 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:288::f09 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c00::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

identitytoolkit.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f95.1e100.net

identitytoolkit.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	cloudfront.net d2lwxqei0cv44.cloudfront.net dq19r96s0yq25.cloudfront.net	3 MB
23	a101.com.tr cdn2-test.a101.com.tr rio-test.a101.com.tr signals.a101.com.tr — Cisco Umbrella Rank: 905257 cdn2.a101.com.tr — Cisco Umbrella Rank: 643397	356 KB
13	retter.io api-bp.a101test.retter.io api.a101test.retter.io Failed	1 MB
12	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 420 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 314 identitytoolkit.googleapis.com — Cisco Umbrella Rank: 6472 firebaselogging-pa.googleapis.com Failed	3 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 q.clarity.ms — Cisco Umbrella Rank: 8520 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 6421 consentcdn.cookiebot.com — Cisco Umbrella Rank: 7143 imgsct.cookiebot.com — Cisco Umbrella Rank: 8045	35 KB
4	wawlabs.com collector.wawlabs.com — Cisco Umbrella Rank: 300164 a101-ecom.wawlabs.com — Cisco Umbrella Rank: 761090	23 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	229 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	776 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	64 B
133	11

	Domain	Requested by
48	d2lwxqei0cv44.cloudfront.net	d2lwxqei0cv44.cloudfront.net
15	rio-test.a101.com.tr	d2lwxqei0cv44.cloudfront.net
11	api.a101test.retter.io	d2lwxqei0cv44.cloudfront.net
9	dq19r96s0yq25.cloudfront.net	d2lwxqei0cv44.cloudfront.net
6	firebaseremoteconfig.googleapis.com	d2lwxqei0cv44.cloudfront.net
5	cdn2-test.a101.com.tr	d2lwxqei0cv44.cloudfront.net
4	identitytoolkit.googleapis.com	d2lwxqei0cv44.cloudfront.net
4	q.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	a101-ecom.wawlabs.com	collector.wawlabs.com
2	www.clarity.ms	d2lwxqei0cv44.cloudfront.net www.clarity.ms
2	signals.a101.com.tr	d2lwxqei0cv44.cloudfront.net signals.a101.com.tr
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
2	firebaseinstallations.googleapis.com	d2lwxqei0cv44.cloudfront.net
2	www.googletagmanager.com	d2lwxqei0cv44.cloudfront.net www.googletagmanager.com
2	collector.wawlabs.com	d2lwxqei0cv44.cloudfront.net
2	api-bp.a101test.retter.io	d2lwxqei0cv44.cloudfront.net
1	imgsct.cookiebot.com
1	c.bing.com	1 redirects
1	cdn2.a101.com.tr	d2lwxqei0cv44.cloudfront.net
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	www.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
0	firebaselogging-pa.googleapis.com Failed	d2lwxqei0cv44.cloudfront.net
133	24

This site contains links to these domains. Also see Links.

Domain
www.a101.com.tr
superapp-pre-prod-rt.a101.loodos.dev
a101hadi.a101.com.tr
tr-tr.facebook.com
www.instagram.com
twitter.com
www.tiktok.com
www.youtube.com
www.linkedin.com
onelink.to
www.guvendamgasi.org.tr
www.eticaret.gov.tr

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.a101.com.tr R11	`2024-06-11` - `2024-09-09`	3 months	crt.sh
api-bp.a101test.retter.io Encryption Everywhere DV TLS CA - G2	`2024-05-02` - `2025-05-01`	a year	crt.sh
wawlabs.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
api.a101test.retter.io Amazon RSA 2048 M02	`2024-05-29` - `2025-06-28`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
signals.a101.com.tr R11	`2024-07-23` - `2024-10-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://d2lwxqei0cv44.cloudfront.net/
Frame ID: 1C4372D60C921D96ADC99863ECA7377A
Requests: 119 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: ED8B480F5E27F4DD132C83899FCE6645
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A101 HARCA HARCA BİTMEZ

Page URL History Show full URLs

http://d2lwxqei0cv44.cloudfront.net/ HTTP 307
https://d2lwxqei0cv44.cloudfront.net/ Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

133
Requests

92 %
HTTPS

70 %
IPv6

11
Domains

24
Subdomains

23
IPs

2
Countries

5306 kB
Transfer

8432 kB
Size

11
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.a101.com.tr/kapida/meyve-sebze

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/oto-bahce-yapi

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/redirect?pageName=CAMPAIGN_DETAIL_PRODUCT_LIST&query=Z010&field=promotionCode&value=Z010

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/afisler-hadi

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/aldin-aldin-bu-hafta-brosuru
Title: 2-8 Mart

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/aldin-aldin-gelecek-hafta-brosuru
Title: test afiş

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/buyuk-oldugu-icin-ucuz-afisler
Title: aslı test

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/afisler-haftanin-yildizlari
Title: 10 TL ve üzeri alışverişlerde

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/en-yakin-magazalar

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/aldin-aldin?c=televizyon

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/10tl-ve-uzeri-alisverislerinizde-indirimli-urunler
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/temizlik-urunleri/alo-toz-deterjan-4-kg_p-22001813
Title: ₺31,95₺28,95<img src="/svg/product-thumbnail-padding-online.svg" alt="Alo Toz Deterjan 4 Kg" title="Alo Toz Deterjan 4 Kg" srcSet="/svg/product-thumbnail-padding-online.svg"/>Alo Toz Deterjan 4 Kg₺31,95

Search URL Search Domain Scan URL

URL: https://superapp-pre-prod-rt.a101.loodos.dev/kapida/temizlik-urunleri/ariel-toz-deterjan-4-kg_p-22001812
Title: ₺39,95₺36,95<img src="/svg/product-thumbnail-padding-online.svg" alt="Ariel Toz Deterjan 4 Kg" title="Ariel Toz Deterjan 4 Kg" srcSet="/svg/product-thumbnail-padding-online.svg"/>Ariel Toz Deterjan 4 Kg₺39,95

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/cok-al-az-ode
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://superapp-pre-prod-rt.a101.loodos.dev/kapida/sut-urunleri-kahvaltilik/birsah-laktozsuz-sut-1-lt_p-12000274
Title: 2 AL₺279,80₺215,00<img src="/svg/product-thumbnail-padding-online.svg" alt="Birşah Laktozsuz Süt 1 Lt" title="Birşah Laktozsuz Süt 1 Lt" srcSet="/svg/product-thumbnail-padding-online.svg"/>Birşah Laktozsuz Süt 1 Lt₺4,50

Search URL Search Domain Scan URL

URL: https://superapp-pre-prod-rt.a101.loodos.dev/kapida/temel-gida/oncu-pul-biber-500-gr_p-18001379
Title: 2 AL₺225,80₺1,60<img src="/svg/product-thumbnail-padding-online.svg" alt="Öncü Pul Biber 500 Gr" title="Öncü Pul Biber 500 Gr" srcSet="/svg/product-thumbnail-padding-online.svg"/>Öncü Pul Biber 500 Gr₺16,95

Search URL Search Domain Scan URL

URL: https://superapp-pre-prod-rt.a101.loodos.dev/kapida/sut-urunleri-kahvaltilik/pinar-yarim-yagli-sut-1-lt_p-12001582
Title: 2 AL₺279,80₺215,00<img src="/svg/product-thumbnail-padding-online.svg" alt="Pınar Yarım Yağlı Süt 1 Lt" title="Pınar Yarım Yağlı Süt 1 Lt" srcSet="/svg/product-thumbnail-padding-online.svg"/>Pınar Yarım Yağlı Süt 1 Lt₺4,75

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/temel-gida/oncu-domates-salcasi-1650-gr_p-18001359
Title: 2 AL₺269,80₺199,904 AL₺539,60₺400,00<img src="/svg/product-thumbnail-padding-online.svg" alt="Öncü Domates Salçası 1650 Gr" title="Öncü Domates Salçası 1650 Gr" srcSet="/svg/product-thumbnail-padding-online.svg"/>Öncü Domates Salçası 1650 Gr₺24,90

Search URL Search Domain Scan URL

URL: https://superapp-pre-prod-rt.a101.loodos.dev/kapida/icecek/coffee-mate-kahve-beyazlaticisi-200-gr_p-13000852
Title: 2 AL₺99,80₺74,90<img src="/svg/product-thumbnail-padding-online.svg" alt="Coffee Mate Kahve Beyazlatıcısı 200 Gr" title="Coffee Mate Kahve Beyazlatıcısı 200 Gr" srcSet="/svg/product-thumbnail-padding-online.svg"/>Coffee Mate Kahve Beyazlatıcısı 200 Gr₺10,95

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/aldin-aldin
Title: Tümünü Gör

Search URL Search Domain Scan URL

URL: https://www.a101.com.tr/kapida/tatli/ayran-200-ml-pinar_p-12001491
Title: <img src="/svg/product-thumbnail-padding-online.svg" alt="AYRAN 200 ML PINAR" title="AYRAN 200 ML PINAR" srcSet="/svg/product-thumbnail-padding-online.svg"/>AYRAN 200 ML PINAR₺1,15

Search URL Search Domain Scan URL

URL: https://a101hadi.a101.com.tr/
Title: A101 Hadi Nedir?

Search URL Search Domain Scan URL

URL: https://tr-tr.facebook.com/a101iletisim/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/a101iletisim/

Search URL Search Domain Scan URL

URL: https://twitter.com/a101iletisim

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@a101iletisim

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCFomZfoEfoveaRbIDjAtsZw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/a101/

Search URL Search Domain Scan URL

URL: https://onelink.to/a101superapp
Title: <img draggable="false" sizes="100vw" srcSet="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=640&q=100 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=750&q=100 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=828&q=100 828w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=1080&q=100 1080w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=1200&q=100 1200w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=1920&q=100 1920w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=2048&q=100 2048w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=3840&q=100 3840w" src="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fa101_qr_icon.35cbd491.jpg&w=3840&q=100" decoding="async" data-nimg="fill" style="position:absolute;top:0;left:0

Search URL Search Domain Scan URL

URL: https://www.guvendamgasi.org.tr/view/uye/detay.php?Guid=a59b3dd6-9182-11ed-8e33-48df373f4850
Title: <img draggable="false" sizes="85" srcSet="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=16&q=100 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=32&q=100 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=48&q=100 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=64&q=100 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=96&q=100 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=128&q=100 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=256&q=100 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=384&q=100 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=640&q=100 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&w=750&q=100 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftr_go.ad7359e4.jpg&

Search URL Search Domain Scan URL

URL: https://www.eticaret.gov.tr/siteprofil/79F43C1D5210486889B4F613E5B497FB/wwwa101comtr
Title: <img draggable="false" sizes="85" srcSet="/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=16&q=100 16w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=32&q=100 32w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=48&q=100 48w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=64&q=100 64w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=96&q=100 96w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=128&q=100 128w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=256&q=100 256w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=384&q=100 384w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=640&q=100 640w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&w=750&q=100 750w, /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fetbis.c2fb7b54.jpg&

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://d2lwxqei0cv44.cloudfront.net/ HTTP 307
https://d2lwxqei0cv44.cloudfront.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=30C748B5C9054AEEBE5070661ECC09EA&RedC=c.clarity.ms&MXFR=27E01CA5FDC06BC43EAD0870F9C065D1 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=30C748B5C9054AEEBE5070661ECC09EA&MUID=17FDE68C88AE6CF12E6FF259893C6D90

133 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
d2lwxqei0cv44.cloudfront.net/
Redirect Chain

http://d2lwxqei0cv44.cloudfront.net/
https://d2lwxqei0cv44.cloudfront.net/

130 KB
17 KB

1175ms
853ms

Document
text/html

2600:9000:2305:e200:16:a7c4:2100:93a1
AMAZON-02

General

Domain/Path	Expires	Name / Value
d2lwxqei0cv44.cloudfront.net/	1970-01-21 08:14:48	Name: anon_device_id Value: 2jvtm-fnacl-yjnw0-uq86n
www.clarity.ms/	1970-01-21 07:24:24	Name: CLID Value: 45a2a2349a9f45daa1f136588e01407c.20240808.20250808
.d2lwxqei0cv44.cloudfront.net/	1970-01-21 07:24:24	Name: _clck Value: qq5evm%7C2%7Cfo5%7C0%7C1681
.d2lwxqei0cv44.cloudfront.net/	1970-01-20 22:40:14	Name: _clsk Value: afx736%7C1723128163762%7C1%7C1%7Cq.clarity.ms%2Fcollect
.bing.com/	1970-01-21 08:00:24	Name: MUID Value: 17FDE68C88AE6CF12E6FF259893C6D90
.c.bing.com/	1970-01-20 22:48:52	Name: MR Value: 0
.c.bing.com/	1970-01-21 08:00:24	Name: SRM_B Value: 17FDE68C88AE6CF12E6FF259893C6D90
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 08:00:24	Name: MUID Value: 17FDE68C88AE6CF12E6FF259893C6D90
.c.clarity.ms/	1970-01-20 22:48:52	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:38:48	Name: ANONCHK Value: 0

Source	Level	URL Text
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJGN2FG&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 469) Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	verbose	URL: https://d2lwxqei0cv44.cloudfront.net/_next/static/chunks/5901-2111c5dd09d07aca.js Message: Rendering was performed in a subtree hidden by content-visibility.
javascript	error	URL: https://d2lwxqei0cv44.cloudfront.net/ Message: Access to fetch at 'https://signals.a101.com.tr/e' from origin 'https://d2lwxqei0cv44.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://www.a101.com.tr' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://signals.a101.com.tr/e Message: Failed to load resource: net::ERR_FAILED

d2lwxqei0cv44.cloudfront.net Open in urlscan Pro 2600:9000:2305:e200:16:a7c4:2100:93a1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

92 %HTTPS

70 %IPv6

11 Domains

24 Subdomains

23 IPs

2 Countries

5306 kBTransfer

8432 kBSize

11 Cookies

31 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

d2lwxqei0cv44.cloudfront.net Open in urlscan Pro
2600:9000:2305:e200:16:a7c4:2100:93a1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

92 %
HTTPS

70 %
IPv6

11
Domains

24
Subdomains

23
IPs

2
Countries

5306 kB
Transfer

8432 kB
Size

11
Cookies

133 HTTP transactions
1 data transactions