casibomresmi.xyz Open in urlscan Pro
172.67.195.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://casibomresmi.xyz/
Effective URL:
https://casibomresmi.xyz/
Submission Tags: @phish_report
Submission: On August 15 via api (August 15th 2024, 6:42:28 pm UTC) from FI — Scanned from TR

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 20 HTTP transactions. The main IP is 172.67.195.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is casibomresmi.xyz.
TLS certificate: Issued by WE1 on August 15th 2024. Valid for: 3 months.

This is the only time casibomresmi.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	172.67.195.209 172.67.195.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1	172.67.149.254 172.67.149.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
1	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
20	8

7 172.67.195.209 (United States)

ASN13335 (CLOUDFLARENET, US)

casibomresmi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.149.254 (United States)

ASN13335 (CLOUDFLARENET, US)

casibomresmi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

ampcid.google.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	142 KB
7	casibomresmi.xyz casibomresmi.xyz	523 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	210 B
1	google.com.tr ampcid.google.com.tr — Cisco Umbrella Rank: 128436	369 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 4317	443 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	1 KB
1	casibomresmi.net casibomresmi.net	8 KB
20	7

	Domain	Requested by
7	cdn.ampproject.org	casibomresmi.xyz cdn.ampproject.org
7	casibomresmi.xyz	casibomresmi.xyz
1	www.google-analytics.com
1	ampcid.google.com.tr	cdn.ampproject.org
1	ampcid.google.com	cdn.ampproject.org
1	www.googletagmanager.com	cdn.ampproject.org
1	casibomresmi.net	casibomresmi.xyz
20	7

This site contains links to these domains. Also see Links.

Domain
casibomresmi.net
edu.norwichuniversty.com
www.google.com

Subject Issuer	Validity	Valid
casibomresmi.xyz WE1	`2024-08-15` - `2024-11-13`	3 months	crt.sh
misc-sni.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
casibomresmi.net WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com.tr WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://casibomresmi.xyz/
Frame ID: 7998B84CBF2DBADD4A8F3A1517456AFD
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casibom Giriş Resmi™ | Casibom Güncel Giriş Adresi 2024

Page URL History Show full URLs

http://casibomresmi.xyz/ HTTP 307
https://casibomresmi.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

1
Countries

676 kB
Transfer

1177 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://casibomresmi.net/
Title: Casibom

Search URL Search Domain Scan URL

URL: https://edu.norwichuniversty.com/tr?faff=101csbm

Search URL Search Domain Scan URL

URL: https://www.google.com/
Title: Google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://casibomresmi.xyz/ HTTP 307
https://casibomresmi.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
casibomresmi.xyz/
Redirect Chain

http://casibomresmi.xyz/
https://casibomresmi.xyz/

36 KB
11 KB

1655ms
1530ms

Document
text/html

172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a35850a710618582a3e5bf426d40324a46d5b4e06d5bed1e31383452b0e42c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b3b52f859340b6e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 18:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hREloS1DTdgHbtIlkAZZHeGCRyjfJccF5JA5fujbCEhn%2BbzYXDOvzIhgdfOsvhxATUt5Xtpo7%2F0Nlfw5M6SBARw5fu9LyeXhF%2Fugwwp%2FtbQOGMB1qNZ6gM2wcjejeInfJ%2Fu8"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://casibomresmi.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 amp-analytics-latest.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 404ms
176ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-latest.js

Requested by

Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 18:42:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32172
x-xss-protection: 0
server: sffe
etag: "00d6e44cc01644d3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Aug 2024 18:42:23 GMT

GET
H3 200 icomoon.ttf
casibomresmi.xyz/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/swift/fonts/ 116 KB
58 KB 385ms
384ms Font
text/html 172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casibomresmi.xyz/wp-content/plugins/accelerated-mobile-pages/templates/design-manager/swift/fonts/icomoon.ttf
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9835d52e3ebad110502a2c3c47a3174af9bd1b9cda96782ddaa095e7f76ca281

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
Origin: https://casibomresmi.xyz
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2024 18:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBjoO7OzqOjznOvttxdVsT0%2BfhxQijnpKfyy1rdfcD0MK%2BUB8E8A08KrfNzJNG6%2BurGBj0vKq7kHlZ0AL716QZqkn8J%2FCcNXCU%2FOiy3iEQxulroU1BGqIenMZXvUJr2oY9Ui"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8b3b5301fca40b6e-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 325ms
97ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 18:42:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73122
x-xss-protection: 0
server: sffe
etag: "2af4af216080b72b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Aug 2024 18:42:23 GMT

GET
H2 200 amp-bind-latest.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 362ms
146ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-latest.js

Requested by

Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

13443ae5ca0734c899cfa3350a33befdf086e9a725fef1b01e6e60853221b0bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 15 Aug 2024 18:42:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16373
x-xss-protection: 0
server: sffe
etag: "e82c27b58fff63c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Aug 2024 18:42:23 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00407723876332632dd6d475a0e5362081d6314283d5e1dc67a43fb0700f1d30

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0c477e17fa86c5a24b85d190636e4d465b9c691b406afc1e9950e9cbbf92541

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43b8a16e1217f9ca17d12fa44bd01a57a30fe2804e057a3edd60983ccc29c53d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5fac894e6e339ff623ada76dceae495421340ed93f4020d74cc270d50a0e567

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7872d36e9e84d89024c9e46d5abeb836b12b04780118dfe5d4b74fcc6f34dfe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 casibom-guncel-logo.png
casibomresmi.net/wp-content/uploads/2023/12/ 8 KB
8 KB 263ms
150ms Image
image/png 172.67.149.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casibomresmi.net/wp-content/uploads/2023/12/casibom-guncel-logo.png
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be6ef356b0dd63430d54f046fd41d45f1dd782578c2aa20b148e61baf48c4a2

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:24 GMT
cf-cache-status: MISS
last-modified: Tue, 12 Dec 2023 19:31:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lm%2Fc49So1kHUMVoUXg7es4kNJNkTx2Ofhfnvfyz2BVBmBiKNCwmgukp%2FuMLlpw3v9VBpknA50usM1LDEU9u3y0XM5fGA9ir3jaq%2FoPQjrz9nIcQC7h8St0RbJO6ILtFwcTS%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b3b5305a834b8de-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8213

GET
H3 200 casibom-giris-adres.png
casibomresmi.xyz/wp-content/uploads/2024/02/ 9 KB
10 KB 312ms
311ms Image
text/html 172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casibomresmi.xyz/wp-content/uploads/2024/02/casibom-giris-adres.png
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd58b29f918f6cd9207c431d5219ebdc1aea75da80829171990247e5e90fbd5

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2024 18:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOxdei7ywAmVRagXuZhUatymRp98b07kth90Pgs0rECtCOXHcvDL8rhFFqY6%2B4uYttvn%2BwMQ8eeBSAiDHjbVutv%2BY%2BlabBRu0y9vSOB9zttEgiHAW8xr5oewMFzhKZ432Gtm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8b3b5304f84c0b6e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 casibom-giris-yeni-adres.png
casibomresmi.xyz/wp-content/uploads/2023/12/ 6 KB
6 KB 288ms
287ms Image
text/html 172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casibomresmi.xyz/wp-content/uploads/2023/12/casibom-giris-yeni-adres.png
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70f53180ec5ed50bf694142f7e18687639b666ddc3c0379753e6548aff17e2c7

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2024 18:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L57epZ5rjMyUV3ByRGZI2UjegKmQaj6J1koBVVafdC0ez%2BqfRFK1IDg%2Fl4LeTuKoyehf8CPUnUY79k%2BiAyCoL%2F0OGBSLCfAihSqax0IUnwldsj6QF%2BI4bXv2TchD6KoDyj%2Ba"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8b3b5304f84f0b6e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 casibom-guncel.png
casibomresmi.xyz/wp-content/uploads/2023/12/ 84 KB
85 KB 585ms
584ms Image
text/html 172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casibomresmi.xyz/wp-content/uploads/2023/12/casibom-guncel.png
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b4053aa3642fc114351cb5cbe089c9ded4dc48221cd1eb60b0dd81cd61d951

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2024 18:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufATkJdSnEW6PLZ0pPgppN97%2FOQH57ihFCB9R%2FlV1LNhBzD%2FoqrU%2Bj8XLVsckcSASOvSpCM3vRpr345RGqc9zXpGWXbbp0lGzn79qrjb3ycJSrngy6vCC9QGQlULbRZrqvB5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8b3b5304f8520b6e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 casibom-canli-casino.png
casibomresmi.xyz/wp-content/uploads/2023/12/ 352 KB
352 KB 397ms
397ms Image
text/html 172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casibomresmi.xyz/wp-content/uploads/2023/12/casibom-canli-casino.png
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a209fa0e84d318e1cbc4b8d9d5e35a51db95f159f3706cec46cb4f9a934675a

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2024 18:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Iz7ga4rIBNyh4cm2K%2BexqlKE%2BE9qREy6tXW%2BuCjseU3GRpx0kiWwX90LaSW4cgTCHpwiRkOwUnZnSHZMhPFApqwsqkoThvfUyXHCVIcBQEcVWFiKuOTNKJsMXfJXMURUROB"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8b3b5304f8530b6e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 8 KB
3 KB 303ms
123ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
Origin: https://casibomresmi.xyz
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 15:06:09 GMT
age: 185775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "3bb766b5672b9f2f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Aug 2025 15:06:09 GMT

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012406131415000/ 51 KB
14 KB 271ms
93ms Fetch
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

0f7b02e0e4df9b624eb1272efd6bd6d70209798c2a498abd4c41e113498eea70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Accept: text/plain
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 14:08:40 GMT
age: 189224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14443
x-xss-protection: 0
server: sffe
etag: "db4454252753be3a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Aug 2025 14:08:40 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012406131415000/v0/ 12 KB
4 KB 300ms
125ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
Origin: https://casibomresmi.xyz
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 13:58:11 GMT
age: 189853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "db107aa2d6068f23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Aug 2025 13:58:11 GMT

GET
BLOB 200
OK ad87f1d4-99b4-4a9d-a262-2e73e8dbe092
https://casibomresmi.xyz/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://casibomresmi.xyz/ad87f1d4-99b4-4a9d-a262-2e73e8dbe092
Requested by: Host: casibomresmi.xyz
URL: https://casibomresmi.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2f2573588d39c2620beaf6ba62a24b1ce5ced73eca1ae6722882d8b8b6e558f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 52082
Content-Type: text/javascript

GET
H3 200 cropped-casibom-guncel-favicon-32x32.png
casibomresmi.xyz/wp-content/uploads/2023/12/ 679 B
1 KB 887ms
887ms Other
text/html 172.67.195.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://casibomresmi.xyz/wp-content/uploads/2023/12/cropped-casibom-guncel-favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.195.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33abdd439ff016b5a71a5209ced0109d06d49399590bf0edfb7154d40e8c777a

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Thu, 15 Aug 2024 18:42:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Aug 2024 18:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGosuIaZKeIfmmkZ7tLk50ywdwik23kvRWknkWhDGt%2FXvZihPGxVx1CoLvRPmMC%2B7I0bcIwMipdLO2H4GIdVWedymcqD1%2FEemXAMA1Vo0ELBvAp7V%2F7xmbTwwgxSFzAqtT8t"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 8b3b53094d130b6e-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012406131415000/v0/analytics-vendors/ 3 KB
956 B 91ms
91ms Fetch
application/json 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Accept: application/json
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 13:58:34 GMT
age: 189830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "d77a8a769083755b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Aug 2025 13:58:34 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 1 KB
1 KB 282ms
97ms Fetch
application/json 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fcasibomresmi.xyz

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

07b0fe46d7ad4d7f168654e3c281e59b17b88f4f81f0908ec51a76504a1b8699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Accept: application/json
sec-ch-ua-platform: "Linux"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 15 Aug 2024 18:42:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://casibomresmi.xyz
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://casibomresmi.xyz
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 78 B
443 B 311ms
97ms Fetch
application/json 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

11fa030ae728f38ca0b49f28f0d94e13595d72c7d05dbb7a36e33292613be9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Accept: application/json
sec-ch-ua-platform: "Linux"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 15 Aug 2024 18:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://casibomresmi.xyz
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.com.tr/v1/ 3 B
369 B 307ms
103ms Fetch
application/json 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com.tr/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Accept: application/json
sec-ch-ua-platform: "Linux"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 15 Aug 2024 18:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://casibomresmi.xyz
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 204 collect
www.google-analytics.com/g/ 0
210 B 313ms
117ms Image
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K6CDZWBCRW&cid=amp-8sBTHVGIMzJUoWkfT7oYYg&ul=tr-tr&sr=1600x1200&sid=1723747345&sct=1&seg=1&dl=https%3A%2F%2Fcasibomresmi.xyz%2F&dr=&dt=Casibom%20Giri%C5%9F%20Resmi%E2%84%A2%20%7C%20Casibom%20G%C3%BCncel%20Giri%C5%9F%20Adresi%202024&en=page_view&_ee=1&_s=1&_et=1000&uaa=x86&uab=64&uafvl=%5B%7B%22brand%22%3A%22Not)A%3BBrand%22%2C%22version%22%3A%2299.0.0.0%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22127.0.6533.99%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22127.0.6533.99%22%7D%5D&uamb=0&uam=&uap=Linux&uapv=5.15.0&uaw=0&_fv=1&_p=2019597179&_ss=1&dma=0&ep.groups=default&gtm=45De1110&npa=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
Referer: https://casibomresmi.xyz/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 18:42:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.casibomresmi.xyz/	1970-01-20 22:49:10	Name: AMP_TOKEN Value: %24NOT_FOUND
			.casibomresmi.xyz/	1970-01-21 07:34:43	Name: _ga Value: amp-8sBTHVGIMzJUoWkfT7oYYg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.com.tr
casibomresmi.net
casibomresmi.xyz
cdn.ampproject.org
www.google-analytics.com
www.googletagmanager.com
142.250.184.238
172.217.18.1
172.67.149.254
172.67.195.209
216.239.36.178
216.58.206.46
216.58.206.72
00407723876332632dd6d475a0e5362081d6314283d5e1dc67a43fb0700f1d30
02a85bd059f93c80bb3d1eba2d4886fad8ab0a950bc988a3471efe187d749fd0
07b0fe46d7ad4d7f168654e3c281e59b17b88f4f81f0908ec51a76504a1b8699
08c034b981c8dbe7aace6c041f2b7dec193b2aff8d219ae8c3fc80f1aceda1de
0a209fa0e84d318e1cbc4b8d9d5e35a51db95f159f3706cec46cb4f9a934675a
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0f7b02e0e4df9b624eb1272efd6bd6d70209798c2a498abd4c41e113498eea70
11fa030ae728f38ca0b49f28f0d94e13595d72c7d05dbb7a36e33292613be9ee
13443ae5ca0734c899cfa3350a33befdf086e9a725fef1b01e6e60853221b0bc
33abdd439ff016b5a71a5209ced0109d06d49399590bf0edfb7154d40e8c777a
416484b2217e26d94420e4f75f62d3fbdb07a81058e6468042ce2542d016340d
43b8a16e1217f9ca17d12fa44bd01a57a30fe2804e057a3edd60983ccc29c53d
4be6ef356b0dd63430d54f046fd41d45f1dd782578c2aa20b148e61baf48c4a2
70f53180ec5ed50bf694142f7e18687639b666ddc3c0379753e6548aff17e2c7
9835d52e3ebad110502a2c3c47a3174af9bd1b9cda96782ddaa095e7f76ca281
98b4053aa3642fc114351cb5cbe089c9ded4dc48221cd1eb60b0dd81cd61d951
9dd58b29f918f6cd9207c431d5219ebdc1aea75da80829171990247e5e90fbd5
b2f2573588d39c2620beaf6ba62a24b1ce5ced73eca1ae6722882d8b8b6e558f
c0c477e17fa86c5a24b85d190636e4d465b9c691b406afc1e9950e9cbbf92541
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2a35850a710618582a3e5bf426d40324a46d5b4e06d5bed1e31383452b0e42c
d7872d36e9e84d89024c9e46d5abeb836b12b04780118dfe5d4b74fcc6f34dfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a0b30928c7d7d1d18cd4c7f43d23f2615cbcc92a0457a4e5bf04b9e3e73353
f5fac894e6e339ff623ada76dceae495421340ed93f4020d74cc270d50a0e567

casibomresmi.xyz Open in urlscan Pro 172.67.195.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

8 IPs

1 Countries

676 kBTransfer

1177 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

Indicators

casibomresmi.xyz Open in urlscan Pro
172.67.195.209 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

1
Countries

676 kB
Transfer

1177 kB
Size

2
Cookies

20 HTTP transactions
5 data transactions