sinirlimatkapsuresi.xyz Open in urlscan Pro
138.197.186.221 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sinirlimatkapsuresi.xyz/urun.php?id=6&fbclid=PAY2xjawHf_WJleHRuA2FlbQEwAGFkaWQBqxU8TAMPsAGm79KEJ6LgGvQzdQRoDa4EkKG7s8kX6...
Submission: On December 30 via api (December 30th 2024, 11:29:23 pm UTC) from TR — Scanned from FI

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 44 HTTP transactions. The main IP is 138.197.186.221, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is sinirlimatkapsuresi.xyz.
TLS certificate: Issued by R10 on December 30th 2024. Valid for: 3 months.

This is the only time sinirlimatkapsuresi.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: A101 (Retail)

Domain & IP information

	IP Address	AS Autonomous System
29	138.197.186.221 138.197.186.221	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::681a:cde	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:47f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.236.112.179 23.236.112.179	21859 (ZEN-ECN) (ZEN-ECN)
2	2606:4700:303... 2606:4700:3030::6815:2001	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:5a6::f09	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	31.3.2.84 31.3.2.84	21245 (Medianova...) (Medianova-CDN MEDIANOVA INTERNET HIZMETLERI VE TICARET ANONIM SIRKETI)
44	9

29 138.197.186.221 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

sinirlimatkapsuresi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cde (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.personaclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47f7 (United States)

ASN13335 (CLOUDFLARENET, US)

static.personaclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.236.112.179 (United States)

ASN21859 (ZEN-ECN, US)

rio.a101.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.a101.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:2001 (United States)

ASN13335 (CLOUDFLARENET, US)

resmim.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5a6::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.3.2.84 (Frankfurt am Main, Germany)

ASN21245 (Medianova-CDN MEDIANOVA INTERNET HIZMETLERI VE TICARET ANONIM SIRKETI, TR)

f-a101-l.mncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	sinirlimatkapsuresi.xyz sinirlimatkapsuresi.xyz	1 MB
4	a101.com.tr rio.a101.com.tr — Cisco Umbrella Rank: 801566 cdn2.a101.com.tr — Cisco Umbrella Rank: 940163	12 KB
3	mncdn.com f-a101-l.mncdn.com	5 KB
3	personaclick.com cdn.personaclick.com — Cisco Umbrella Rank: 307751 static.personaclick.com — Cisco Umbrella Rank: 403740	10 KB
2	resmim.net resmim.net	881 KB
1	doubleclick.net td.doubleclick.net — Cisco Umbrella Rank: 182
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	28 KB
1	cookiebot.com imgsct.cookiebot.com — Cisco Umbrella Rank: 5232	778 B
44	8

	Domain	Requested by
29	sinirlimatkapsuresi.xyz	sinirlimatkapsuresi.xyz cdnjs.cloudflare.com
3	f-a101-l.mncdn.com	sinirlimatkapsuresi.xyz
3	rio.a101.com.tr	sinirlimatkapsuresi.xyz
2	resmim.net	sinirlimatkapsuresi.xyz
2	cdn.personaclick.com	sinirlimatkapsuresi.xyz
1	td.doubleclick.net	sinirlimatkapsuresi.xyz
1	cdnjs.cloudflare.com	sinirlimatkapsuresi.xyz
1	imgsct.cookiebot.com	sinirlimatkapsuresi.xyz
1	cdn2.a101.com.tr	sinirlimatkapsuresi.xyz
1	static.personaclick.com	sinirlimatkapsuresi.xyz
44	10

This site contains no links.

Subject Issuer	Validity	Valid
sinirlimatkapsuresi.xyz R10	`2024-12-30` - `2025-03-30`	3 months	crt.sh
personaclick.com E6	`2024-11-05` - `2025-02-03`	3 months	crt.sh
*.a101.com.tr R11	`2024-12-02` - `2025-03-02`	3 months	crt.sh
resmim.net WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.mncdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-24` - `2025-08-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sinirlimatkapsuresi.xyz/urun.php?id=6&fbclid=PAY2xjawHf_WJleHRuA2FlbQEwAGFkaWQBqxU8TAMPsAGm79KEJ6LgGvQzdQRoDa4EkKG7s8kX6q2AVlR2v1L2ZTw5bMoRI-GbVEGB_aem_QrGSFL7sQkzMvZmmfstuwQ
Frame ID: 0615DF39903CEEA8CD77EFB2AAB7399E
Requests: 43 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-921ZB7KF1X&gacid=107022692.1729498375&gtm=45je4au0v9177367272za200zb9171066140&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629&z=2036604723
Frame ID: B0060356570FF3EC8558C6EC6620B763
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Assur Plus Çift Akülü 5 li Set Şarjlı Taşlama Daire Testere-Matkap Kırıcı Delici Hilti Somun Sökme Makinesi

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1980 kB
Transfer

3297 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request urun.php Show response
sinirlimatkapsuresi.xyz/ 162 KB
25 KB 273ms
95ms Document
text/html 138.197.186.221
DIGITALOCEAN-ASN

General

			Domain/Path	Expires	Name / Value
			sinirlimatkapsuresi.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5i2ni399gkchke2u0dv7l58llq
			.doubleclick.net/	1970-01-21 02:06:42	Name: test_cookie Value: CheckForPermission

Source	Level	URL Text
network	error	URL: https://sinirlimatkapsuresi.xyz/_next/static/css/454bf7671580d9b7.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sinirlimatkapsuresi.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

sinirlimatkapsuresi.xyz Open in urlscan Pro 138.197.186.221 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

56 %IPv6

8 Domains

10 Subdomains

9 IPs

3 Countries

1980 kBTransfer

3297 kBSize

2 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sinirlimatkapsuresi.xyz Open in urlscan Pro
138.197.186.221 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1980 kB
Transfer

3297 kB
Size

2
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!