tamzaradokumasi.com.tr

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 5.250.248.146, located in Istanbul, Turkey and belongs to AYSIMA, TR. The main domain is tamzaradokumasi.com.tr.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2024. Valid for: a year.

This is the only time tamzaradokumasi.com.tr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alibaba (Online)

Domain & IP information

	IP Address		AS Autonomous System
1 7	5.250.248.146 5.250.248.146		59674 (AYSIMA) (AYSIMA)
7	2

7 5.250.248.146 (Istanbul, Turkey) 1 redirects

ASN59674 (AYSIMA, TR)
PTR: tr1.hisarbilisim.com

tamzaradokumasi.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	tamzaradokumasi.com.tr 1 redirects tamzaradokumasi.com.tr	301 KB
7	1

	Domain	Requested by
7	tamzaradokumasi.com.tr	1 redirects tamzaradokumasi.com.tr
7	1

This site contains no links.

Subject Issuer	Validity	Valid
tamzaradokumasi.com.tr Sectigo RSA Domain Validation Secure Server CA	`2024-01-03` - `2025-01-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid=
Frame ID: C29163B194EE67E82C25BBB20EFF7D4F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Alibaba Manufacturer Directory - Suppliers, Manufacturers, Exporters & Importers

Page URL History Show full URLs

https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/index.php HTTP 302
https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

301 kB
Transfer

304 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/index.php HTTP 302
https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request xh49ss9qxklxi87n6tz2119f.php Show response tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/ Redirect Chain https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/index.php https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid=	4 KB 2 KB	426ms 425ms	Document text/html	5.250.248.146 AYSIMA
General Check archive.org Show headers Download Go to Full URL https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.250.248.146 Istanbul, Turkey, ASN59674 (AYSIMA, TR), Reverse DNS tr1.hisarbilisim.com Software Apache/2 / Resource Hash `79b8a51b84226b677dfcbf357cb6ab26b40c978f43a3aefec8ba2030a04f1e03` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-encoding gzip content-length 1622 content-type text/html; charset=UTF-8 date Wed, 21 Aug 2024 05:43:11 GMT server Apache/2 vary Accept-Encoding,User-Agent Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Wed, 21 Aug 2024 05:43:10 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= pragma no-cache server Apache/2 vary User-Agent
GET H2	200	a.png tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/	47 KB 47 KB	688ms 688ms	Image image/png	5.250.248.146 AYSIMA
General Check archive.org Show headers Download Go to Show image Full URL https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/a.png Requested by Host: tamzaradokumasi.com.tr URL: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.250.248.146 Istanbul, Turkey, ASN59674 (AYSIMA, TR), Reverse DNS tr1.hisarbilisim.com Software Apache/2 / Resource Hash `57797ef890664196895718f1e87f72b382e27fdc4d9200139f902ce9e7c54722` Request headers Referer https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 05:43:11 GMT last-modified Sun, 24 Jun 2018 00:59:54 GMT server Apache/2 accept-ranges bytes etag "bc75-56f58c86dd680" content-length 48245 content-type image/png
GET H2	200	b.jpg tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/	240 KB 240 KB	408ms 408ms	Image image/jpeg	5.250.248.146 AYSIMA
General Check archive.org Show headers Download Go to Show image Full URL https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/b.jpg Requested by Host: tamzaradokumasi.com.tr URL: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.250.248.146 Istanbul, Turkey, ASN59674 (AYSIMA, TR), Reverse DNS tr1.hisarbilisim.com Software Apache/2 / Resource Hash `fbe7f4cd74e8c64ebda2dda0993ebcca191c6da66a476de7879d3e9532f23e52` Request headers Referer https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 05:43:11 GMT last-modified Thu, 12 Jul 2018 03:21:26 GMT server Apache/2 accept-ranges bytes etag "3bf10-570c4dbbc3980" content-length 245520 content-type image/jpeg
GET H2	200	1.png tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/	11 KB 11 KB	665ms 664ms	Image image/png	5.250.248.146 AYSIMA
General Check archive.org Show headers Download Go to Show image Full URL https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/1.png Requested by Host: tamzaradokumasi.com.tr URL: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.250.248.146 Istanbul, Turkey, ASN59674 (AYSIMA, TR), Reverse DNS tr1.hisarbilisim.com Software Apache/2 / Resource Hash `dabd1b453cba1ae3da462d9979fe892bba211fda0410db6a0b506dbf66be2ab4` Request headers Referer https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 05:43:11 GMT last-modified Thu, 12 Jul 2018 03:42:00 GMT server Apache/2 accept-ranges bytes etag "2b51-570c525499200" content-length 11089 content-type image/png
GET		3.png tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/	0 0

GET H2	200	3.png tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/	611 B 681 B	663ms 661ms	Image image/png	5.250.248.146 AYSIMA
General Check archive.org Show headers Download Go to Show image Full URL https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/3.png Requested by Host: tamzaradokumasi.com.tr URL: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.250.248.146 Istanbul, Turkey, ASN59674 (AYSIMA, TR), Reverse DNS tr1.hisarbilisim.com Software Apache/2 / Resource Hash `99ab40cec95ea0b8314c7f889b9e5f8b252c396cb507e513ca0e0bde627e0c5e` Request headers Referer https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 05:43:11 GMT last-modified Sat, 23 Jun 2018 22:17:02 GMT server Apache/2 accept-ranges bytes etag "263-56f5681f8f380" content-length 611 content-type image/png
GET H2	200	favicon.ico tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/	1 KB 553 B	267ms 257ms	Other image/x-icon	5.250.248.146 AYSIMA
General Check archive.org Show headers Download Go to Full URL https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 5.250.248.146 Istanbul, Turkey, ASN59674 (AYSIMA, TR), Reverse DNS tr1.hisarbilisim.com Software Apache/2 / Resource Hash `12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5` Request headers Referer https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 21 Aug 2024 05:43:12 GMT content-encoding gzip last-modified Sat, 23 Jun 2018 22:28:12 GMT server Apache/2 etag "57e-56f56a9e85700-gzip" vary Accept-Encoding,User-Agent content-type image/x-icon accept-ranges bytes content-length 443

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tamzaradokumasi.com.tr
URL: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/images/3.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alibaba (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| unhideBody

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tamzaradokumasi.com.tr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 65d631786a9670a1ab36485cf75c8c0d

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://tamzaradokumasi.com.tr/vendor/core/core/acl/login.alibaba-com/xh49ss9qxklxi87n6tz2119f.php?tracelog=hd_signin&cid= Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tamzaradokumasi.com.tr
tamzaradokumasi.com.tr
5.250.248.146
12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5
57797ef890664196895718f1e87f72b382e27fdc4d9200139f902ce9e7c54722
79b8a51b84226b677dfcbf357cb6ab26b40c978f43a3aefec8ba2030a04f1e03
99ab40cec95ea0b8314c7f889b9e5f8b252c396cb507e513ca0e0bde627e0c5e
dabd1b453cba1ae3da462d9979fe892bba211fda0410db6a0b506dbf66be2ab4
fbe7f4cd74e8c64ebda2dda0993ebcca191c6da66a476de7879d3e9532f23e52

tamzaradokumasi.com.tr Open in urlscan Pro 5.250.248.146 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

301 kBTransfer

304 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

tamzaradokumasi.com.tr Open in urlscan Pro
5.250.248.146 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

301 kB
Transfer

304 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!