sahibinden.hizli-guvenli.click Open in urlscan Pro
38.242.221.17  Malicious Activity! Public Scan

URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Submission: On December 18 via api from TR — Scanned from IL

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 38.242.221.17, located in Düsseldorf, Germany and belongs to CONTABO Contabo GmbH, DE. The main domain is sahibinden.hizli-guvenli.click.
TLS certificate: Issued by R11 on December 16th 2024. Valid for: 3 months.
This is the only time sahibinden.hizli-guvenli.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sahibinden (Classifieds)

Domain & IP information

IP Address AS Autonomous System
2 38.242.221.17 51167 (CONTABO C...)
1 142.250.186.98 15169 (GOOGLE)
4 85.153.138.73 34984 (TELLCOM-A...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 151.101.66.137 54113 (FASTLY)
24 6
Apex Domain
Subdomains
Transfer
4 shbdn.com
s0.shbdn.com — Cisco Umbrella Rank: 147709
139 KB
1 zaita.pro
zaita.pro
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
11 KB
1 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
33 KB
1 hizli-guvenli.click
sahibinden.hizli-guvenli.click
74 KB
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
24 7
Domain Requested by
4 s0.shbdn.com sahibinden.hizli-guvenli.click
s0.shbdn.com
1 zaita.pro sahibinden.hizli-guvenli.click
1 code.jquery.com sahibinden.hizli-guvenli.click
1 cdnjs.cloudflare.com sahibinden.hizli-guvenli.click
1 securepubads.g.doubleclick.net sahibinden.hizli-guvenli.click
1 sahibinden.hizli-guvenli.click
0 cdn.jsdelivr.net Failed sahibinden.hizli-guvenli.click
24 7
Subject Issuer Validity Valid
sahibinden.hizli-guvenli.click
R11
2024-12-16 -
2025-03-16
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
shbdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-16 -
2025-09-15
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
zaita.pro
R10
2024-12-10 -
2025-03-10
3 months crt.sh

This page contains 1 frames:

Primary Page: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Frame ID: 88C4359B141BC9330060ABBC29750AE2
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

Taşıma Ücreti sahibinden.comda - 1098735995

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

38 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

287 kB
Transfer

1380 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ilan
sahibinden.hizli-guvenli.click/
233 KB
74 KB
Document
General
Full URL
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.242.221.17 Düsseldorf, Germany, ASN51167 (CONTABO Contabo GmbH, DE),
Reverse DNS
Software
nginx / PHP/8.3.14 PleskLin
Resource Hash
d845c80b3219227df636f34f57c351cccd2de06b91c0c81e380a7b8968d5b5aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 13:07:28 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.3.14 PleskLin
gpt.js
securepubads.g.doubleclick.net/tag/js/
103 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2a66d70dac82c599d82c5249ab1e161836cf09d3fb5964c8613d349c8edf41db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/

Response headers

content-encoding
br
etag
423 / 20075 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 13:07:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 18 Dec 2024 13:07:29 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33483
x-xss-protection
0
server
cafe
common:2a82107b2f1822aa16d7c82ab20608bd.css
s0.shbdn.com/assets/
223 KB
39 KB
Stylesheet
General
Full URL
https://s0.shbdn.com/assets/common:2a82107b2f1822aa16d7c82ab20608bd.css
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR),
Reverse DNS
Software
Sahibinden Web Servers /
Resource Hash
8b5457b9a166e5a12bcb1a0397aac8abb187ab29f8ae0cc7f4ab5f6197674d9e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

access-control-expose-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
etag
W/"63cfcf82-37d6e"
age
1993237
x-secure-option
secure
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 11:26:54 GMT
content-type
text/css
last-modified
Tue, 24 Jan 2023 12:30:58 GMT
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; preload
cache-control
max-age=31536000,public
via
www.sahibinden.com(c)
access-control-allow-origin
*
content-length
39602
x-proxy
tmll-204 3,8080
server
Sahibinden Web Servers
classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
s0.shbdn.com/assets/
537 KB
94 KB
Stylesheet
General
Full URL
https://s0.shbdn.com/assets/classifiedDetail:7afbf6b3c7c264c1e338d187b95a2ae1.css
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR),
Reverse DNS
Software
Sahibinden Web Servers /
Resource Hash
475278b0d314514796bf3975e76512cf921d3a38780993d561eb693561020d4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

access-control-expose-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
etag
W/"63d8fa26-863ae"
age
1993237
x-secure-option
secure
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 11:26:54 GMT
content-type
text/css
last-modified
Tue, 31 Jan 2023 11:23:18 GMT
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; preload
cache-control
max-age=31536000,public
via
www.sahibinden.com(c)
access-control-allow-origin
*
content-length
95621
x-proxy
tmll-204 5,8080
server
Sahibinden Web Servers
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/1.3.1/
31 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/1.3.1/axios.min.js
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5c21becc119fd932a6ee293112bc4198207071e3240c9a76c2dc62c5c4da00
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
MISS
etag
"63daf72b-298a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FcEvprhdjswGm5iOyqoSZEPhiMllFAUqBQY%2BR7XjFA8YiPf1SnAVXab5FDtdNfsTH1AeyveHPj1Y8seCAwoVZ3wMBTtF%2FAPLNSpNsdCnhCwJx%2FsVd%2FFpq4bWJ5j%2B2RY5O8Ba%2BQC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 13:07:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 13:07:29 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 01 Feb 2023 23:35:07 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3f604c2e9bc22c-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
10634
server
cloudflare
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
3050541
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 13:07:30 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
3, 1061017
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230145-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1734527251.586854,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
811589.jpeg
zaita.pro/images/
116 KB
0
Image
General
Full URL
https://zaita.pro/images/811589.jpeg
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.242.221.17 Düsseldorf, Germany, ASN51167 (CONTABO Contabo GmbH, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"67618f49-33976"
accept-ranges
bytes
content-length
211318
date
Wed, 18 Dec 2024 13:07:31 GMT
content-type
image/jpeg
last-modified
Tue, 17 Dec 2024 14:48:41 GMT
server
nginx
x-powered-by
PleskLin
prebid:35802e87d11a2ce2ec228c6e38acf487.js
s0.shbdn.com/assets/
0
0

common:9f4a897fbafd9bfbe9051eba7f7fc601.js
s0.shbdn.com/assets/
0
0

searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js
s0.shbdn.com/assets/
14 KB
5 KB
Script
General
Full URL
https://s0.shbdn.com/assets/searchSuggestion:f139f29f0bdeb5b0e6c7ed5512303827.js
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR),
Reverse DNS
Software
Sahibinden Web Servers /
Resource Hash
0adf0bce9c69989950d0134f3b0a6022a98c180b76cb8a28bfaaab5187020f6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

access-control-expose-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
etag
W/"652fcbee-39ed"
age
1993241
x-secure-option
secure
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 11:26:56 GMT
content-type
application/javascript
last-modified
Wed, 18 Oct 2023 12:13:34 GMT
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; preload
cache-control
max-age=31536000,public
via
www.sahibinden.com(c)
access-control-allow-origin
*
content-length
4858
x-proxy
tmll-204 3,8080
server
Sahibinden Web Servers
classifiedDetail:f39a9a2ee973ea563946c9fbefaacac8.js
s0.shbdn.com/assets/
0
0

lastScripts:cfa5d49129048f4e398f292f2accea2c.js
s0.shbdn.com/assets/
47 B
177 B
Script
General
Full URL
https://s0.shbdn.com/assets/lastScripts:cfa5d49129048f4e398f292f2accea2c.js
Requested by
Host: sahibinden.hizli-guvenli.click
URL: https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.153.138.73 , Turkey, ASN34984 (TELLCOM-AS Superonline Iletisim Hizmetleri A.S., TR),
Reverse DNS
Software
Sahibinden Web Servers /
Resource Hash
fb589526ee553a3625c42787485a4dab000ed1c9af6d6a449a17bc7e5299f029
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sahibinden.hizli-guvenli.click/ilan?id=292-Tasima-ucreti

Response headers

access-control-expose-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
etag
W/"6740593c-2f"
age
1998964
x-secure-option
secure
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
date
Mon, 25 Nov 2024 09:51:33 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 10:13:16 GMT
vary
Accept-Encoding
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; preload
cache-control
max-age=31536000,public
via
www.sahibinden.com(c)
access-control-allow-origin
*
content-length
67
x-proxy
tmll-204 3,8080
server
Sahibinden Web Servers
sweetalert2@10
cdn.jsdelivr.net/npm/
0
0

truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
header:052021775b36a00993ef761643a87e8a.png
s0.shbdn.com/assets/images/
0
0

detail:09f7b52d46bd89fa5af69e73f7b57fa4.png
s0.shbdn.com/assets/images/
0
0

paylas:5096d03da35a68192ad5e01630f43a89.png
s0.shbdn.com/assets/images/
0
0

video_passive:35648402316781a17a3929eb3ee0d540.png
s0.shbdn.com/assets/images/
0
0

classifiedPriceHistory:cf599a98c9b0f2a2539c2b19f28b9452.png
s0.shbdn.com/assets/images/
0
0

classifiedDetail:78e5078d0ca5926bf90a3b1f530ba8f0.png
s0.shbdn.com/assets/images/
0
0

classifiedDetail:befe607f6b4449467e8debc0284369ce.png
s0.shbdn.com/assets/images/
0
0

sellerProfile:11a9c57bcf91f7f30bb85d38ab05ac37.png
s0.shbdn.com/assets/images/
0
0

10:9367b4efdc17ff6313e3bbbc3550afbe.png
s0.shbdn.com/assets/images/
0
0

footer:897327958bad301977bab9f9cf429b01.png
s0.shbdn.com/assets/images/
0
0

group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
s0.shbdn.com/assets/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/prebid:35802e87d11a2ce2ec228c6e38acf487.js
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/common:9f4a897fbafd9bfbe9051eba7f7fc601.js
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/classifiedDetail:f39a9a2ee973ea563946c9fbefaacac8.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/sweetalert2@10
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/header:052021775b36a00993ef761643a87e8a.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/detail:09f7b52d46bd89fa5af69e73f7b57fa4.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/paylas:5096d03da35a68192ad5e01630f43a89.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/video_passive:35648402316781a17a3929eb3ee0d540.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/classifiedPriceHistory:cf599a98c9b0f2a2539c2b19f28b9452.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/classifiedDetail:78e5078d0ca5926bf90a3b1f530ba8f0.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/classifiedDetail:befe607f6b4449467e8debc0284369ce.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/sellerProfile:11a9c57bcf91f7f30bb85d38ab05ac37.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/10:9367b4efdc17ff6313e3bbbc3550afbe.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/footer:897327958bad301977bab9f9cf429b01.png
Domain
s0.shbdn.com
URL
https://s0.shbdn.com/assets/images/group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sahibinden (Classifieds)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| OptanonWrapper object| cmpData$ object| DMP function| setPrebidGDPR function| resolvePersonalizedAdStatus object| customConfigObject object| dfpLibraryHelper object| Criteo object| googletag object| pbjs object| abFlags boolean| skipJQueryInlineBlockNeedsLayoutTest function| getBanner object| failedAssets object| shbdn_rum object| SahibindenCfg function| getCookie object| dfpTagUtils boolean| invoked function| axios function| $ function| jQuery function| redirectToPage function| loginPopup string| bannerZoneId function| readCookie function| getDfpTargetingTags function| setDfpTargetingTags function| AdSlotRefresher function| displayAds

0 Cookies