urlscan.io logo urlscan.io
SecurityTrails logo

kocsso.maximus.com.tr Open in urlscan Pro
37.131.251.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kocdiyalog.com/
Effective URL: https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Submission: On February 01 via manual from GR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 18 HTTP transactions. The main IP is 37.131.251.114, located in Istanbul, Turkey and belongs to KOCSISTEM, TR. The main domain is kocsso.maximus.com.tr.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 5th 2022. Valid for: a year.
This is the only time kocsso.maximus.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 51.105.236.215 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 5 37.131.251.114 9074 (KOCSISTEM)
1 2a00:1450:400... 15169 (GOOGLE)
18 7
10    51.105.236.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
kocdiyalog.com
www.kocdiyalog.com
api.kocdiyalog.com
2    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    37.131.251.114 (Istanbul, Turkey)

ASN9074 (KOCSISTEM, TR)
kocsso.maximus.com.tr
1    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 kocdiyalog.com
kocdiyalog.com
www.kocdiyalog.com
api.kocdiyalog.com
4 MB
5 maximus.com.tr
kocsso.maximus.com.tr
103 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2456
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
76 KB
18 6
Domain Requested by
6 www.kocdiyalog.com www.kocdiyalog.com
5 kocsso.maximus.com.tr 1 redirects www.kocdiyalog.com
kocsso.maximus.com.tr
3 api.kocdiyalog.com 1 redirects www.kocdiyalog.com
2 fonts.googleapis.com www.kocdiyalog.com
kocsso.maximus.com.tr
1 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.kocdiyalog.com
1 kocdiyalog.com 1 redirects
18 8

This site contains no links.

Subject Issuer Validity Valid
*.kocdiyalog.com
GlobalSign RSA OV SSL CA 2018		 2022-12-16 -
2024-01-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.maximus.com.tr
GlobalSign RSA OV SSL CA 2018		 2022-04-05 -
2023-05-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Frame ID: C8BF8DFEE814D2653CD527F260AC23A6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SSO

Page URL History Show full URLs

  1. http://kocdiyalog.com/ HTTP 301
    https://www.kocdiyalog.com/ Page URL
  2. https://api.kocdiyalog.com/account/login?returnUrl=https://www.kocdiyalog.com/loggedin/C4pAPLn7qqPSewDR... HTTP 303
    https://kocsso.maximus.com.tr/login/SSORedirect/metaAlias/idp?SAMLRequest=hJJLT8MwEITvSPwHy%2FfGcRJEZTWVol... HTTP 302
    https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

94 %
HTTPS

67 %
IPv6

6
Domains

8
Subdomains

7
IPs

5
Countries

4287 kB
Transfer

10707 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kocdiyalog.com/ HTTP 301
    https://www.kocdiyalog.com/ Page URL
  2. https://api.kocdiyalog.com/account/login?returnUrl=https://www.kocdiyalog.com/loggedin/C4pAPLn7qqPSewDRzo9fmH? HTTP 303
    https://kocsso.maximus.com.tr/login/SSORedirect/metaAlias/idp?SAMLRequest=hJJLT8MwEITvSPwHy%2FfGcRJEZTWVolZIlcpDDXDg5sYbsPAjeB0e%2Fx63gKAHwMf1fjOekWcorSkG0YzxwW3gaQSM5NUah%2BLjpqZjcMJL1CictIAidqJtzteiyHIxBB995w39yfyNSEQIUXtHyWpZU6142XNVlqfbdKqyUtuTfFr02%2F502ue9lFNKbiFgAmqa%2BEQhjrByGKWLaZQX5SQvJjm%2F5lzwSvDijpJliqGd3NnU9CHGAQVjj75D9JmVr9qOmHXeZjGIqiqZ8ffasba93IDSAbrILETZGC2RaTVQ0nw9euEdjhZCC%2BFZd3CzWX%2Fry0FnyUPpN5kEd%2Fqs3fXBmg7p%2FPiIkNm%2BH7FPEOb%2FcTN2sP4tMIiLVOtqeeWN7t7ImQ9Wpip%2Ba51nfD%2FRatLvVwVYqU2jVADEFM4Y%2F7IIICPUNIYRKGHJ7dP%2B8G%2FM3wEAAP%2F%2FAwA%3D&RelayState=Hf0Y3kEbwFFJoMGS-IEkw-KB HTTP 302
    https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kocdiyalog.com/ HTTP 301
  • https://www.kocdiyalog.com/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.kocdiyalog.com/
Redirect Chain
  • http://kocdiyalog.com/
  • https://www.kocdiyalog.com/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4421d3a754983f5cbf897784a6dce0368fca52e0281496115e0b6d82eaffc929
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
3607
content-type
text/html
date
Wed, 01 Feb 2023 11:14:10 GMT
etag
"0876d67c26d91:0"
last-modified
Thu, 12 Jan 2023 11:56:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
195
Content-Type
text/html
Date
Wed, 01 Feb 2023 11:14:10 GMT
Location
https://www.kocdiyalog.com/
Server
Microsoft-Azure-Application-Gateway/v2
css
fonts.googleapis.com/ 		1 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:500&display=swap
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f488db8e4f7d5bda392a599548088ca9fad45dcc045f20c3e805e3aecdcb0642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Feb 2023 11:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 11:14:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Feb 2023 11:14:11 GMT
js
www.googletagmanager.com/gtag/ 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N6ZQYE9DF5
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c741f775418145cae7a78c52cc6669824b5e5f84ab0750ab1368c85a8bf2468c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 01 Feb 2023 11:14:11 GMT
7.838f8233.chunk.css
www.kocdiyalog.com/static/css/ 		403 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kocdiyalog.com/static/css/7.838f8233.chunk.css
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c62bde4209779edd5d907790facbbbd723ab153d287ab732c8eb390cf5f9e78e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:10 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:56:00 GMT
etag
"0876d67c26d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
46667
x-xss-protection
1
main.7e9a7cd9.chunk.css
www.kocdiyalog.com/static/css/ 		2 MB
468 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kocdiyalog.com/static/css/main.7e9a7cd9.chunk.css
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2273b9d6b10269dfc970954b725428de91023a2b922ad37556a107be5ee1b3fc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:10 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:56:00 GMT
etag
"0876d67c26d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-xss-protection
1
style.css
www.kocdiyalog.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kocdiyalog.com/style.css
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2669a6d7a8da46c4341431c9f755e02b3ccd612d8afbb0d87e9a4e770c33d9c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:10 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:46:52 GMT
etag
"0ded38f7b26d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
684
x-xss-protection
1
7.64aa6656.chunk.js
www.kocdiyalog.com/static/js/ 		4 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kocdiyalog.com/static/js/7.64aa6656.chunk.js
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c13f0fcfefd4c4c4eb5e6f1c71d572070349ce74c30fb91cf8c8a5bc3ae132cf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:11 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:56:00 GMT
etag
"0876d67c26d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
x-xss-protection
1
main.174aaed3.chunk.js
www.kocdiyalog.com/static/js/ 		4 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kocdiyalog.com/static/js/main.174aaed3.chunk.js
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
454cea62240c5225e8383e1e409a3e8e76fe754c834368f22d4f4d7fefb1906b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:11 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:56:00 GMT
etag
"0876d67c26d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
accept-ranges
bytes
x-xss-protection
1
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N6ZQYE9DF5&gtm=2oe1u0&_p=757173008&cid=351350001.1675250051&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675250051&sct=1&seg=0&dl=https%3A%2F%2Fwww.kocdiyalog.com%2F&dt=Ko%C3%A7%20Diyalog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N6ZQYE9DF5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kocdiyalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Feb 2023 11:14:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kocdiyalog.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get-alive-for-authorization
api.kocdiyalog.com/api/v1/alive/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.kocdiyalog.com/api/v1/alive/get-alive-for-authorization
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://www.kocdiyalog.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
https://www.kocdiyalog.com
date
Wed, 01 Feb 2023 11:14:12 GMT
request-context
appId=cid-v1:008f7fab-f3b8-47bf-a2f9-d76af6bb24bd
strict-transport-security
max-age=2592000
vary
Origin
x-frame-options
SAMEORIGIN
x-xss-protection
1
get-alive-for-authorization
api.kocdiyalog.com/api/v1/alive/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.kocdiyalog.com/api/v1/alive/get-alive-for-authorization
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/static/js/main.174aaed3.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.236.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.kocdiyalog.com/
accept-language
nl-NL,nl;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:14:12 GMT
strict-transport-security
max-age=2592000
www-authenticate
Bearer error="invalid_token"
vary
Origin,Origin
x-frame-options
SAMEORIGIN
content-type
text/plain
access-control-allow-origin
https://www.kocdiyalog.com
access-control-allow-credentials
true
content-length
0
x-xss-protection
1
request-context
appId=cid-v1:008f7fab-f3b8-47bf-a2f9-d76af6bb24bd
Primary Request customproxyidpfinder.jsp
kocsso.maximus.com.tr/login/
Redirect Chain
  • https://api.kocdiyalog.com/account/login?returnUrl=https://www.kocdiyalog.com/loggedin/C4pAPLn7qqPSewDRzo9fmH?
  • https://kocsso.maximus.com.tr/login/SSORedirect/metaAlias/idp?SAMLRequest=hJJLT8MwEITvSPwHy%2FfGcRJEZTWVolZIlcpDDXDg5sYbsPAjeB0e%2Fx63gKAHwMf1fjOekWcorSkG0YzxwW3gaQSM5NUah%2BLjpqZjcMJL1CictIAidqJtz...
  • https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
56 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Requested by
Host: www.kocdiyalog.com
URL: https://www.kocdiyalog.com/static/js/main.174aaed3.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.131.251.114 Istanbul, Turkey, ASN9074 (KOCSISTEM, TR),
Reverse DNS
Software
/
Resource Hash
c8e1405e19b4e08cad39d88631470169e809d98c24de359b73e581eca7073645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.kocdiyalog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
Date
Wed, 01 Feb 2023 11:14:13 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
content-length
57428

Redirect headers

Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 01 Feb 2023 11:14:13 GMT
Location
https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
collect
region1.google-analytics.com/g/ 		0
0
css
fonts.googleapis.com/ 		2 KB
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Catamaran:200,400
Requested by
Host: kocsso.maximus.com.tr
URL: https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b845588d50ac706a95381547d4cc9b121ebdba083eb934ff11656a03ff507071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://kocsso.maximus.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 01 Feb 2023 11:14:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 11:12:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Feb 2023 11:14:13 GMT
spacer.gif
kocsso.maximus.com.tr/login/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kocsso.maximus.com.tr/login/images/spacer.gif
Requested by
Host: kocsso.maximus.com.tr
URL: https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.131.251.114 Istanbul, Turkey, ASN9074 (KOCSISTEM, TR),
Reverse DNS
Software
/
Resource Hash
15bf00bf11661d194222632114e11a858a35bb4ca58fe72894d741132179d581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 11:14:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Dec 2022 14:47:16 GMT
ETag
W/"1099-1670683636000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1099
bg.jpg
kocsso.maximus.com.tr/login/images/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kocsso.maximus.com.tr/login/images/bg.jpg
Requested by
Host: kocsso.maximus.com.tr
URL: https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.131.251.114 Istanbul, Turkey, ASN9074 (KOCSISTEM, TR),
Reverse DNS
Software
/
Resource Hash
07875b6ac99d164a18a20c4fc7134e8cb8078d2d6d5190da6d3a99a68d6c68bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 11:14:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Dec 2022 14:47:16 GMT
ETag
W/"42375-1670683636000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
42375
o-0mIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPHjct6L1SoM-jCpoiyDPA-9a6VI.woff2
fonts.gstatic.com/s/catamaran/v17/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/catamaran/v17/o-0mIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPHjct6L1SoM-jCpoiyDPA-9a6VI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Catamaran:200,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61a2e9927b82d5e0e9e8e09f09586b5dbcb8d186ea16212614071acaa925e21b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kocsso.maximus.com.tr
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:48:31 GMT
x-content-type-options
nosniff
age
152742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19320
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:45:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 Jan 2024 16:48:31 GMT
koc-logo.svg
kocsso.maximus.com.tr/login/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kocsso.maximus.com.tr/login/images/koc-logo.svg
Requested by
Host: kocsso.maximus.com.tr
URL: https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.131.251.114 Istanbul, Turkey, ASN9074 (KOCSISTEM, TR),
Reverse DNS
Software
/
Resource Hash
f80bec53914c9991799df410ffd5392dc3031fdb6df6db4c6a9b4b252dd91bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://kocsso.maximus.com.tr/login/customproxyidpfinder.jsp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 11:14:13 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Dec 2022 14:47:16 GMT
ETag
W/"1871-1670683636000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1871

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N6ZQYE9DF5&gtm=2oe1u0&_p=757173008&cid=351350001.1675250051&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1675250051&sct=1&seg=0&dl=https%3A%2F%2Fwww.kocdiyalog.com%2F&dt=Ko%C3%A7%20Diyalog&_s=2

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange string| relayState string| product string| imageUrl object| logoElement object| htmlElement object| keyValuePair function| submitFunction function| getUrl function| getKeyValue function| reloadPage function| compareRequestTimeWithPageLoadTime function| setLocalStorageValues function| isNullOrEmpty function| getCookie function| validateEmail function| tryAutoSubmit function| onFocusFunc function| onBlurFunc

8 Cookies

Domain/Path Name / Value
kocsso.maximus.com.tr/login Name: JSESSIONID
Value: 619C94A149A5518633A2636B3E1F2880
.kocdiyalog.com/ Name: _ga
Value: GA1.1.351350001.1675250051
api.kocdiyalog.com/ Name: Saml2.Hf0Y3kEbwFFJoMGS-IEkw-KB
Value: CfDJ8L1mV0wA_qpDnSY7m1TV7XoMXrqlzUHi_8aik6VWlKuP1vF-DzXhEqjwfRtYyKPwh01An9fL7-MTnbn9JzBW4ce50NyJTrHbFwMniNxnEHOJlLmmNXNclkU7tZ3pn8kONpZZbddymydS1WPr98VhYoe77bYd58wD4EK6M5xbmMWtZLpBUmb78jNXPD6iCD24WRmpKHAe_Dj8GNgIWLmlErahfsevi4pG2P6sJUj07HnYEqJ7M5afZZOpFqelnJYKB5i_HFLQuRNhAb-_eTq6JHCl-9gzJdZlKsNIbsNZDvOgdoepdDca71LgTLfQqOjxzB3F-Ci61BvfPZ7Hb21YJ8A.
kocsso.maximus.com.tr/ Name: SameSite
Value: None
.maximus.com.tr/ Name: amlbcookie
Value: 01
.kocdiyalog.com/ Name: _ga_N6ZQYE9DF5
Value: GS1.1.1675250051.1.1.1675250053.0.0.0
kocsso.maximus.com.tr/ Name: ADRUM_BTa
Value: R:27|g:a87dfad8-b42a-413d-a19f-3d450cc2f8e8|n:customer1_b6a6d946-459e-4981-8db4-3ede4ba05a69
kocsso.maximus.com.tr/ Name: ADRUM_BT1
Value: R:27|i:5593|e:0

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.kocdiyalog.com/static/js/7.64aa6656.chunk.js
Message:
Invalid asm.js: Unexpected token
network error URL: https://api.kocdiyalog.com/api/v1/alive/get-alive-for-authorization
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1