online.guven.com.tr
Open in
urlscan Pro
185.57.66.80
Public Scan
Submitted URL: https://www.posta.ci/
Effective URL: https://online.guven.com.tr/
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from IT
Effective URL: https://online.guven.com.tr/
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from IT
Summary
This website contacted 4 IPs
in 2 countries
across 6 domains to perform 12 HTTP transactions.
The main IP is 185.57.66.80, located in
Ankara, Turkey and
belongs to VMIND, TR.
The main domain is online.guven.com.tr.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 17th 2024. Valid for: a year.
This is the only time online.guven.com.tr was scanned on urlscan.io!
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 17th 2024. Valid for: a year.
This is the only time online.guven.com.tr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 46.20.7.86 46.20.7.86 | 43260 (AS43260) (AS43260) | |
| 4 | 185.57.66.80 185.57.66.80 | 9215 (VMIND) (VMIND) | |
| 1 | 104.18.21.227 104.18.21.227 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 12 | 4 |
4
185.57.66.80
(Ankara, Turkey)
ASN9215 (VMIND, TR)
PTR: host-185-57-66-80.reverse.portvmind.com.tr
ASN9215 (VMIND, TR)
PTR: host-185-57-66-80.reverse.portvmind.com.tr
| online.guven.com.tr |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
guven.com.tr
online.guven.com.tr stream.guven.com.tr Failed |
10 KB |
| 2 |
posta.ci
www.posta.ci |
445 B |
| 1 |
jit.si
meet.jit.si — Cisco Umbrella Rank: 69793 |
13 KB |
| 0 |
onedose.io
Failed
www.onedose.io Failed |
|
| 0 |
cloudflare.com
Failed
cdnjs.cloudflare.com Failed |
|
| 0 |
jsdelivr.net
Failed
cdn.jsdelivr.net Failed |
|
| 12 | 6 |
| Domain | Requested by | |
|---|---|---|
| 4 | online.guven.com.tr |
online.guven.com.tr
|
| 2 | www.posta.ci | |
| 1 | meet.jit.si |
online.guven.com.tr
|
| 0 | www.onedose.io Failed |
online.guven.com.tr
|
| 0 | cdnjs.cloudflare.com Failed |
online.guven.com.tr
|
| 0 | cdn.jsdelivr.net Failed |
online.guven.com.tr
|
| 0 | stream.guven.com.tr Failed |
online.guven.com.tr
|
| 12 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.posta.ci R10 |
2024-08-28 - 2024-11-26 |
3 months | crt.sh |
| *.guven.com.tr RapidSSL TLS RSA CA G1 |
2024-07-17 - 2025-07-17 |
a year | crt.sh |
| *.meet.jit.si DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-06-27 - 2025-07-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://online.guven.com.tr/
Frame ID: F1F22EA3C6498DC6185E8C02318A2FB2
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
Güven OnlinePage URL History Show full URLs
- https://www.posta.ci/ Page URL
- https://online.guven.com.tr/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.posta.ci/ Page URL
- https://online.guven.com.tr/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
www.posta.ci/ |
257 B 327 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.posta.ci/ |
88 B 118 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
online.guven.com.tr/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flutter.js
online.guven.com.tr/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
light-1x.png
online.guven.com.tr/splash/img/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
external_api.js
meet.jit.si/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
external_api.js
stream.guven.com.tr/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jsQR.min.js
cdn.jsdelivr.net/npm/jsqr@1.3.1/dist/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
pdf.min.js
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.4.456/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
libphonenumber.js
www.onedose.io/wp-content/uploads/2023/04/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
stringbuffer.js
www.onedose.io/wp-content/uploads/2023/04/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
light-1x.png
online.guven.com.tr/splash/img/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- stream.guven.com.tr
- URL
- https://stream.guven.com.tr/external_api.js
- Domain
- cdn.jsdelivr.net
- URL
- https://cdn.jsdelivr.net/npm/jsqr@1.3.1/dist/jsQR.min.js
- Domain
- cdnjs.cloudflare.com
- URL
- https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.4.456/pdf.min.js
- Domain
- www.onedose.io
- URL
- https://www.onedose.io/wp-content/uploads/2023/04/libphonenumber.js
- Domain
- www.onedose.io
- URL
- https://www.onedose.io/wp-content/uploads/2023/04/stringbuffer.js
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| removeSplashFromWeb string| flutterfire_web_sdk_version object| JitsiMeetJS function| JitsiMeetExternalAPI0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
meet.jit.si
online.guven.com.tr
stream.guven.com.tr
www.onedose.io
www.posta.ci
cdn.jsdelivr.net
cdnjs.cloudflare.com
stream.guven.com.tr
www.onedose.io
104.18.21.227
185.57.66.80
46.20.7.86
189ac3382fd132e6ab9030541722aff0974612f7021dd89dae3af1071bac3321
4b28e89d56ae0ada3595d3e6f69aef0a7adb62b2185347277a0b5bdf245e2049
727d3fa28ac9adb49d582c7188b616f20d7ad3c5d08a576fdb58d13c51ad4b62
a6a4839db823ddd38b727028332d28856a1f529c77381e348ba8d040e397594c
abb5c407db14908c2af56263bff34c683be228a5e22c384d7a6b852e731f466a
c5965f16f996956d76632a32377d3199fd8dad0a7e4f781205607151a3f29f2c