ziraat-mobilavantaj71.xyz Open in urlscan Pro
154.216.20.140  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ziraat-mobilavantaj71.xyz/	17 KB 5 KB	460ms 119ms	Document text/html	154.216.20.140 NETRESEARCH Silen...
General Check archive.org Show headers Download Go to Full URL https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.216.20.140 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB), Reverse DNS Software LiteSpeed / PHP/8.3.14 PleskLin Resource Hash 3e9e64573f688770f2909fd16d4e9bdcb0c648a2e7a946ad24af19b8b9b40754 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-length 4485 content-type text/html; charset=UTF-8 date Sat, 28 Dec 2024 15:05:28 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.3.14 PleskLin
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	72ms 22ms	Script text/javascript	2607:f8b0:400d:c03::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj71.xyz/ Response headers content-encoding gzip age 139031 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Sat, 27 Dec 2025 00:28:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 27 Dec 2024 00:28:17 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 30399 x-xss-protection 0 server sffe
GET H2	200	bootstrap-icons.css cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/	96 KB 14 KB	33ms 8ms	Stylesheet text/css	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/bootstrap-icons.css Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://ziraat-mobilavantaj71.xyz Referer https://ziraat-mobilavantaj71.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"17fcf-G+wTgIPTsn/2h6nUG4C3l88gtwk" age 1598240 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Sat, 28 Dec 2024 15:05:28 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-eddf8230023-FRA, cache-lga21935-LGA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 13601 x-jsd-version 1.11.1
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/	152 KB 20 KB	33ms 9ms	Stylesheet text/css	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://ziraat-mobilavantaj71.xyz Referer https://ziraat-mobilavantaj71.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" age 1510658 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Sat, 28 Dec 2024 15:05:28 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-eddf8230173-FRA, cache-lga21935-LGA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 20016 x-jsd-version 5.0.2
GET H3	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/	28 KB 7 KB	45ms 24ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj71.xyz/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "89916fa773ce96569604016ef25cab50" age 269746 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 28 Dec 2024 15:05:28 GMT last-modified Mon, 25 Jan 2021 22:04:54 GMT content-type text/css; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 11/11/2024 04:26:52 cdn-requestpullcode 200 priority u=0,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 77909d415d1d6d98053f14a6fb3eebdc cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.06 cf-ray 8f9272e0ccec42bb-EWR access-control-allow-origin * cdn-edgestorageid 1070 server cloudflare cdn-requestcountrycode US
GET H3	200	bootstrap.bundle.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	69 KB 21 KB	44ms 26ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.bundle.min.js Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj71.xyz/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "ef58fee438cd2da2c3b33ff6f1cfeebf" age 202884 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 28 Dec 2024 15:05:28 GMT last-modified Mon, 25 Jan 2021 22:04:06 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 11/15/2024 14:30:03 cdn-requestpullcode 200 priority u=1,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid de84cd6a6a3b772bf9e1b8ce271b431b cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.06 cf-ray 8f9272e0b95b0f55-EWR access-control-allow-origin * cdn-edgestorageid 845 server cloudflare cdn-requestcountrycode US
GET H3	200	jquery.mask.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/	23 KB 5 KB	42ms 21ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.15/jquery.mask.js Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj71.xyz/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03ec3-5a58" age 115278 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EAvdRZ8pPJtbhU1BUBbY1tAFZuQ9t81Od2bTG6%2BU14aaVW97H82xtjR0DJSSC4hSJ18rOO5vqQbccKiTlMK6r89S51kxjysuunD%2BNB8lXxADC1v%2BKku%2FliJKjA6Zw6GzQ1OYwoOkNFvOHsDX9VbBCci9"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 18 Dec 2025 15:05:28 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 28 Dec 2024 15:05:28 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 May 2020 16:11:47 GMT vary Accept-Encoding priority u=1,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8f9272e0ca9541b2-EWR accept-ranges bytes access-control-allow-origin * content-length 4938 server cloudflare
GET H3	200	nftx3pu.PNG i.hizliresim.com/	30 KB 31 KB	121ms 24ms	Image image/jpeg	2606:4700:3036::ac43:9a83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.hizliresim.com/nftx3pu.PNG Requested by Host: ziraat-mobilavantaj71.xyz URL: https://ziraat-mobilavantaj71.xyz/?u=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:9a83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1822d9787fd9131004d5025c6eba163481bde41c482ea923bb6b3f57e2ee8ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj71.xyz/ Response headers cf-cache-status HIT etag "9d2b39426efe1784e57b9c1921b8a5af" age 435085 x-wasabi-cm-reference-id 1734939837081 38.27.106.126 ConID:826030380/EngineConID:7884564/Core:67 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Xozi2lUEiFVeOsFHaGnl95h8gY2YfSnYF9M7xORabwwQTR4DGvCgYvRvDPYtxewWeGhXBPxwR%2BYMq1Wg3j4Dd5d%2FozYe71gTntUxC1H1epCHJiGd0UM8rZCbcSl9DvhuAD08IZG%2FCPHyrNS9d79"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7625&min_rtt=7572&rtt_var=1688&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4215&recv_bytes=4353&delivery_rate=81037&cwnd=12000&unsent_bytes=0&cid=63c11d681e295746&ts=30&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 28 Dec 2024 15:05:28 GMT content-type image/jpeg last-modified Mon, 15 Jul 2024 22:25:14 GMT vary Accept-Encoding priority u=2,i x-amz-id-2 vXhZ9ETOy4/YLSyWf4DFVJY9+7a/0LGmDIyLLGyOyTcva9PlDPZYmGDLY4J+6ugE7d5WNd3JUotX strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 4A3E2AC227C3BD0F:A cf-ray 8f9272e13a77440c-EWR accept-ranges bytes content-length 30758 server cloudflare
GET H2	404	favicon.ico ziraat-mobilavantaj71.xyz/	808 B 466 B	111ms 110ms	Other text/html	154.216.20.140 NETRESEARCH Silen...
General Check archive.org Show headers Download Go to Full URL https://ziraat-mobilavantaj71.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.216.20.140 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB), Reverse DNS Software LiteSpeed / PleskLin Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://ziraat-mobilavantaj71.xyz/?u=1 Response headers content-encoding br etag "328-66fdb699-976819dd8f7d3d14;br" accept-ranges bytes content-length 369 date Sat, 28 Dec 2024 15:05:28 GMT content-type text/html last-modified Wed, 02 Oct 2024 21:09:45 GMT vary Accept-Encoding server LiteSpeed x-powered-by PleskLin

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| login object| password object| nextPage object| form1 object| form2 object| sendData function| isValidTCKN function| check function| check4 function| check6 function| valid_credit_card function| check2 function| postwith

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ziraat-mobilavantaj71.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: aoccof0gn1s00qal4qdh0fbjd7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://ziraat-mobilavantaj71.xyz/?u=1 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://ziraat-mobilavantaj71.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
i.hizliresim.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
ziraat-mobilavantaj71.xyz
154.216.20.140
2606:4700:3036::ac43:9a83
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700::6812:bcf
2607:f8b0:400d:c03::5f
2a04:4e42:200::485
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
3e9e64573f688770f2909fd16d4e9bdcb0c648a2e7a946ad24af19b8b9b40754
3edcd35f57ed9849a3f18522017d304c843e75d4c0195b763222ccb06b003313
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
a1822d9787fd9131004d5025c6eba163481bde41c482ea923bb6b3f57e2ee8ef
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48