urlscan.io logo urlscan.io
SecurityTrails logo

xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com Open in urlscan Pro
193.36.63.38  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Submission: On October 27 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 193.36.63.38, located in Turkey and belongs to SERVERPLUS, TR. The main domain is xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 27th 2020. Valid for: 3 months.
This is the only time xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spark (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
17 193.36.63.38 201086 (SERVERPLUS)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
26 5
17    193.36.63.38 (Turkey)

ASN201086 (SERVERPLUS, TR)
PTR: antispam.dnsdll.com
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
17 xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
6 cdnjs.cloudflare.com xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
1 use.fontawesome.com xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
26 5

This site contains no links.

Subject Issuer Validity Valid
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
cPanel, Inc. Certification Authority		 2020-10-27 -
2021-01-25		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Frame ID: BE2E2BF060647B233CC206975C4D6181
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

397 kB
Transfer

1252 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/ 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
153b99452c6f4326b736fcc2528a299a325fe63fa7daae2b00c029d39b278946

Request headers

:method
GET
:authority
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
:scheme
https
:path
/nzsprk/010cf6733ba79252a80674668054f335/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 27 Oct 2020 13:04:01 GMT
server
sopws
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=hp087r0u869iu4ro9pnjb9eff1; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
1942
content-type
text/html; charset=UTF-8
all.css
use.fontawesome.com/releases/v5.8.2/css/ 		54 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2019 16:50:11 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"77cbad34e5ce95e70847b074e05faeab"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
css
fonts.googleapis.com/ 		10 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Oct 2020 12:20:56 GMT
server
ESF
date
Tue, 27 Oct 2020 13:04:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Oct 2020 13:04:03 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/css/ 		157 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
492535
x-via
cfworker/kv
status
200
content-length
17522
cf-request-id
060bc1a3aa00009784af3d3000000001
timing-allow-origin
*
last-modified
Tue, 12 May 2020 17:56:41 GMT
server
cloudflare
etag
"5ebae359-27293"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8TWCoDdX81u4YprOkwQFYzrtyG0dKkwxDixKaU2SbLg0X9kPSydyeu9MuOnlVbarpmO6tO1LSbxSRFsZ%2BhRdA%2FiUPFXQkIAcbhlBwkRIf3kVKpvksRBuM01Ul1MBCel8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e8c9ee5db419784-FRA
expires
Sun, 17 Oct 2021 13:04:03 GMT
mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.19.0/css/ 		271 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.19.0/css/mdb.min.css
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290758a94e9508647e9cb8e95128a300970ad62225329f2ba395003303e3d5e2

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
492510
x-via
cfworker/kv
status
200
content-length
22448
cf-request-id
060bc1a3ab00009784960cf000000001
timing-allow-origin
*
last-modified
Thu, 28 May 2020 14:55:10 GMT
server
cloudflare
etag
"5ecfd0ce-43a3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yG0IznGRciDnTp1eY0bClkejzIpXB%2B3OdXaB1WJKFP0r9SqF9CJw7LJzGN18rFwf3VQRYJSWVB57CzGiYC2Sk5m1jsNrev%2B9aRjIJm6mmasTwRW%2BkarO0KAWCBQ18VKtIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e8c9ee5db429784-FRA
expires
Sun, 17 Oct 2021 13:04:03 GMT
styles.css
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/styles.css
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
1ec9aec2370d762f203afb0a1e0c71bc53a66e9abdab6d3ce7b74aeaa487cd21

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1594
loading.gif
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		26 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/loading.gif
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
90803e1c9b13606cb13772d5d9ee831377fd7725c133bde93fe910cb6330cbb7

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:47 GMT
server
sopws
vary
Accept-Encoding
content-type
image/gif
status
200
accept-ranges
bytes
content-length
7635
logo.svg
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/logo.svg
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
10484
menu_mobile.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/menu_mobile.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
977e19c81de71348122dfcdeae56db89abe2910e67f5d998ce770cc358a32cc7

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
2790
arrow.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/arrow.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
2b043821ce615568982ca8088e0a012c6a330b7c20b4652b4329388cbae25d25

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
4030
menu.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/menu.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
d1404f67127e95b71f0665bfc60c4d320cab8b1f1c2bd3ca98f60492ec26a5e7

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:47 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
8980
search.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/search.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
5647f35ad11f1750aeb0759da5999452b4de848adaa26d8d4abffca94d756151

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
4926
menub1.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		24 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/menub1.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
bb2569cfc01591b21c0bd4161022824ad81bc10d4051e4317496d901d4c49343

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
22880
menub2.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		17 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/menub2.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
1e7772a059681e5fdae6e8da334f2d23eec9a5bf253bf30777df1b5165635ded

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
16558
menub3.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		21 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/menub3.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
00d60b7f2efa09a71b8875e54ed34185884f38b2ea9050b8f960e63c84e6f2ac

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
19742
menub4.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		28 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/menub4.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
cffae103e4f19de52053d8cc8138071b90e9dfdfd6d36c8a7fff7859a8c17939

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
25256
footer.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		17 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/footer.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
e0330276492cf742ca6be19d949d3b02c46318f302d8b705a7f1c3172df85f12

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
14604
footer_mobile2.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		10 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/footer_mobile2.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
50dcb8a4cd6329a410a837aaf9035a41ebb35d21bfb813534cb582f8d19560dc

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:48 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
7682
footer_mobile.png
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		15 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/footer_mobile.png
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
468a15fde8f9f9d2acf2edf9fd8c0a97889a4136a326c419d8d3982112693f03

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:47 GMT
server
sopws
vary
Accept-Encoding
content-type
image/png
status
200
accept-ranges
bytes
content-length
12656
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
489799
x-via
cfworker/kv
status
200
content-length
27958
cf-request-id
060bc1a3ac000097848a8bc000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
etag
"5eb09ed3-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wHi38uXQpffK9hovgCHAccUEMbrcjkTil1J%2BgqIJok%2Fn%2FY8FRTOTGUKTbqClJNo3eqZO2W%2FMssMpvj7MvMMcwfwt0jR3wUgP4XbjIxE%2BUjpqXD%2Bu%2B%2BY%2BZX2uR4sJj3D2pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e8c9ee5db439784-FRA
expires
Sun, 17 Oct 2021 13:04:03 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.4/umd/popper.min.js
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
490549
x-via
cfworker/kv
status
200
content-length
6507
cf-request-id
060bc1a3ab00009784bab50000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
etag
"5eb03fa9-5038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F3IwuS4mfl%2FdA%2B2M6P4976oUMaK7eLxxasqgjAm%2BMTd69foyKsw%2B2qHFOFKEQAcOf97dSh84dFrSmZobE7NymrXRoXi%2FvTv8FsE5%2F2tOEsfQ8HrTYEmymUI%2BvPRIjK1GsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e8c9ee5db469784-FRA
expires
Sun, 17 Oct 2021 13:04:03 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
492542
x-via
cfworker/kv
status
200
content-length
13080
cf-request-id
060bc1a3ab000097848a2f8000000001
timing-allow-origin
*
last-modified
Tue, 12 May 2020 17:56:41 GMT
server
cloudflare
etag
"5ebae359-eb0e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F0p9OjQC0gGjOeSHj%2Fy5toMgqKYmS0JT64U0sXJhMomMiQR%2FO8YSZSU9N1JLdJDEnKIKcu7uPii2WPAV2AavCFYSRHra2Wq9%2Bjogkz1FhEDTQyEe%2BskxCqil1t3TZjD0WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e8c9ee5db449784-FRA
expires
Sun, 17 Oct 2021 13:04:03 GMT
mdb.min.js
cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.19.0/js/ 		282 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.19.0/js/mdb.min.js
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e87e13d9ddbb5b4bc75eda19bdf5a28cae9f3f9d797ef8a2146b350a992184

Request headers

Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
491020
x-via
cfworker/kv
status
200
content-length
78024
cf-request-id
060bc1a3ab00009784a7924000000001
timing-allow-origin
*
last-modified
Thu, 28 May 2020 14:55:10 GMT
server
cloudflare
etag
"5ecfd0ce-466b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=buOfoE04CcdYNsOD%2FgzNhQiy1iDSEOTMC8uNnZbbhBniXHH%2B%2Fv5PR5%2B%2F27uIA%2FJNdv1v96ZSWjIBjNV5Pm%2B0aWxs8JfdnRyxugqN7EdU7cdwYTw%2FDz5SG%2F0wNvt8ggLjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e8c9ee5db459784-FRA
expires
Sun, 17 Oct 2021 13:04:03 GMT
font1.woff
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/font1.woff
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf

Request headers

Origin
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:47 GMT
server
sopws
vary
Accept-Encoding
content-type
font/woff
status
200
accept-ranges
bytes
content-length
24582
font2.ttf
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/ 		50 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/font2.ttf
Requested by
Host: xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
URL: https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.36.63.38 , Turkey, ASN201086 (SERVERPLUS, TR),
Reverse DNS
antispam.dnsdll.com
Software
sopws /
Resource Hash
7d255a599b3d55c47683086f1a761c89c939d396a7011b63a87e20ad03b9e89d

Request headers

Origin
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
Referer
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/nzsprk/010cf6733ba79252a80674668054f335/files/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:04:02 GMT
content-encoding
gzip
last-modified
Tue, 27 Oct 2020 06:52:47 GMT
server
sopws
vary
Accept-Encoding
content-type
font/ttf
status
200
accept-ranges
bytes
content-length
23453
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 02:30:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
383633
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 23 Oct 2021 02:30:10 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spark (Telecommunication)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| Popper object| bootstrap object| bsCustomFileInput function| Color function| Chart object| ChartDataLabels object| Waves function| WOW

1 Cookies

Domain/Path Name / Value
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com/ Name: PHPSESSID
Value: hp087r0u869iu4ro9pnjb9eff1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
xtra.co.nz.nzd.renew234434412webmail.login.ozisguvenligi.com
193.36.63.38
23.111.9.35
2606:4700::6810:135e
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
00d60b7f2efa09a71b8875e54ed34185884f38b2ea9050b8f960e63c84e6f2ac
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0
153b99452c6f4326b736fcc2528a299a325fe63fa7daae2b00c029d39b278946
188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac
1e7772a059681e5fdae6e8da334f2d23eec9a5bf253bf30777df1b5165635ded
1ec9aec2370d762f203afb0a1e0c71bc53a66e9abdab6d3ce7b74aeaa487cd21
290758a94e9508647e9cb8e95128a300970ad62225329f2ba395003303e3d5e2
2b043821ce615568982ca8088e0a012c6a330b7c20b4652b4329388cbae25d25
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
468a15fde8f9f9d2acf2edf9fd8c0a97889a4136a326c419d8d3982112693f03
50dcb8a4cd6329a410a837aaf9035a41ebb35d21bfb813534cb582f8d19560dc
5647f35ad11f1750aeb0759da5999452b4de848adaa26d8d4abffca94d756151
620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
71e87e13d9ddbb5b4bc75eda19bdf5a28cae9f3f9d797ef8a2146b350a992184
7d255a599b3d55c47683086f1a761c89c939d396a7011b63a87e20ad03b9e89d
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
90803e1c9b13606cb13772d5d9ee831377fd7725c133bde93fe910cb6330cbb7
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
977e19c81de71348122dfcdeae56db89abe2910e67f5d998ce770cc358a32cc7
bb2569cfc01591b21c0bd4161022824ad81bc10d4051e4317496d901d4c49343
cffae103e4f19de52053d8cc8138071b90e9dfdfd6d36c8a7fff7859a8c17939
d1404f67127e95b71f0665bfc60c4d320cab8b1f1c2bd3ca98f60492ec26a5e7
e0330276492cf742ca6be19d949d3b02c46318f302d8b705a7f1c3172df85f12
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d