onurdanismanlik.com.tr Open in urlscan Pro
185.179.24.161 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://onurdanismanlik.com.tr/
Submission: On January 01 via automatic, source openphish (January 1st 2022, 1:12:41 pm UTC) — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 6 countries across 7 domains to perform 39 HTTP transactions. The main IP is 185.179.24.161, located in Turkey and belongs to AYSIMA, TR. The main domain is onurdanismanlik.com.tr.

This is the only time onurdanismanlik.com.tr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	185.179.24.161 185.179.24.161	59674 (AYSIMA) (AYSIMA)
1	2600:9000:206... 2600:9000:206f:7600:6:bbf2:440:21	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	13.32.27.84 13.32.27.84	16509 (AMAZON-02) (AMAZON-02)
2	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
4	54.229.132.87 54.229.132.87	16509 (AMAZON-02) (AMAZON-02)
10	149.56.21.68 149.56.21.68	16276 (OVH) (OVH)
1	51.89.217.92 51.89.217.92	16276 (OVH) (OVH)
39	9

15 185.179.24.161 (Turkey)

ASN59674 (AYSIMA, TR)
PTR: tr9.megatrhost.com

onurdanismanlik.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7600:6:bbf2:440:21 (United States)

ASN16509 (AMAZON-02, US)

d19ptbnuzhibkh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-84.fra56.r.cloudfront.net

prod-cdn.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.229.132.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-132-87.eu-west-1.compute.amazonaws.com

snowplow.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 149.56.21.68 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: prd-capture-3.tjsint.net

capture.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.217.92 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: prd-usage-4.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	onurdanismanlik.com.tr onurdanismanlik.com.tr	34 KB
11	trackjs.com capture.trackjs.com usage.trackjs.com	655 B
4	wetransfer.com snowplow.wetransfer.com	982 B
3	wetransfer.net prod-cdn.wetransfer.net	293 KB
2	launchdarkly.com app.launchdarkly.com events.launchdarkly.com Failed	179 B
2	googletagmanager.com 1 redirects www.googletagmanager.com	56 KB
1	cloudfront.net d19ptbnuzhibkh.cloudfront.net	30 KB
39	7

	Domain	Requested by
15	onurdanismanlik.com.tr	onurdanismanlik.com.tr
10	capture.trackjs.com	prod-cdn.wetransfer.net
4	snowplow.wetransfer.com	prod-cdn.wetransfer.net
3	prod-cdn.wetransfer.net	onurdanismanlik.com.tr
2	app.launchdarkly.com	prod-cdn.wetransfer.net
2	www.googletagmanager.com	1 redirects onurdanismanlik.com.tr
1	usage.trackjs.com
1	d19ptbnuzhibkh.cloudfront.net	onurdanismanlik.com.tr
0	events.launchdarkly.com Failed	prod-cdn.wetransfer.net
39	9

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com

Subject Issuer	Validity	Valid
wetransfer.net Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.trackjs.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-11` - `2022-08-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://onurdanismanlik.com.tr/
Frame ID: ECAC2D160A4CB0C3791594FD77118BD8
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WeTransfer

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

41 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

9
IPs

6
Countries

415 kB
Transfer

1433 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wetransfer.zendesk.com/
Title: help center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
onurdanismanlik.com.tr/ 110 KB
34 KB 279ms
105ms Document
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash: 5c0c35772d44973e345e28c4740bd7b418920fa2ada29460f2353386023fbda4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sat, 01 Jan 2022 13:12:35 GMT

GET
H/1.1 404
Not Found jquery-1.11.1.min.js
onurdanismanlik.com.tr/js/ 0
0 82ms
77ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/js/jquery-1.11.1.min.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 82ms
77ms Stylesheet
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found gtm.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 43ms
43ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/gtm.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found sp.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 41ms
41ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/sp.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 82ms
76ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 44ms
43ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found runtime.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 84ms
77ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/runtime.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found vendor.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 83ms
77ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/vendor.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found application.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 84ms
41ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/application.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 41ms
41ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 200
OK sp.js Show response
d19ptbnuzhibkh.cloudfront.net/2.10.2/ 96 KB
30 KB 22ms
7ms Script
application/javascript 2600:9000:206f:7600:6:bbf2:440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 2600:9000:206f:7600:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 09:36:20 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2019 15:14:08 GMT
Server: AmazonS3
Age: 5888177
ETag: "c7b65b3f4e8761897af9a3ca5d76682e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 29895
X-Amz-Cf-Id: k49v3LkfJhLWTBdImjUXDKMMl5icosoCrN9fyNAL1kjILJhImRcl4w==

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP
https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP

201 KB
56 KB

61ms
37ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP

Requested by

Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8494c88c5fd4cf4bb87ee42bf124846862b9b252ad3f41e6626ab5745be6d3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 13:12:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57014
x-xss-protection: 0
last-modified: Sat, 01 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 01 Jan 2022 13:12:36 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 404
Not Found advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 42ms
42ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H2 200 runtime.es6-ac59e53254ef675b7b3a.js Show response
prod-cdn.wetransfer.net/assets/ 6 KB
3 KB 38ms
10ms Script
application/javascript 13.32.27.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/runtime.es6-ac59e53254ef675b7b3a.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faca76279db9a9c8ce14e8038b244f518ab12c4fa9dc1618cb7e4f4eb81be925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 10:24:49 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:18:31 GMT
server: AmazonS3
age: 10068
etag: W/"1a97ae072343df373051311fb148f209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: -xUVNVCf0Ec9lwJ3SdNyGq_41fgJoAX85JNNvNzFnhLmM0jAhNUHXA==

GET
H/1.1 404
Not Found runtime.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 41ms
41ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/runtime.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H2 200 vendor.es6-585a00bcc230b087ea19.js Show response
prod-cdn.wetransfer.net/assets/ 431 KB
135 KB 11ms
11ms Script
application/javascript 13.32.27.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4db429a101e237635a1724010425d3883c599bc8b6a0f9cd250cbac4fa044698

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 10:24:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:18:32 GMT
server: AmazonS3
age: 10067
etag: W/"1076d11bbda0b49d3f90c198dad91ee6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: X5ZHxEk43w5HJ34NckaC3A5zpBgJ-nUZ_Kc8GIfZqZwyMP7ZTRk36A==

GET
H/1.1 404
Not Found vendor.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 42ms
41ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/vendor.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H/1.1 404
Not Found application.js
onurdanismanlik.com.tr/WeTransfer2_files/ 0
0 44ms
44ms Script
text/html 185.179.24.161
AYSIMA

General

Check archive.org

Show headers Download Go to

Full URL: http://onurdanismanlik.com.tr/WeTransfer2_files/application.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: HTTP/1.1
Server: 185.179.24.161 , Turkey, ASN59674 (AYSIMA, TR),
Reverse DNS: tr9.megatrhost.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jan 2022 13:12:36 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 708
Content-Type: text/html

GET
H2 200 application.es6-b7e72666d3b85babd76f.js Show response
prod-cdn.wetransfer.net/assets/ 590 KB
155 KB 10ms
10ms Script
application/javascript 13.32.27.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/application.es6-b7e72666d3b85babd76f.js
Requested by: Host: onurdanismanlik.com.tr
URL: http://onurdanismanlik.com.tr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80d7739c0431b682bc199a173389da24543ab017afdea3a1ad6e0103ef4cb3e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:03:12 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:18:28 GMT
server: AmazonS3
age: 4561765
etag: W/"4c927286358cd81860c936931d242a6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: gCGTJR1Np6hHUIwsTyrMjm7bMTIe_dH6tHvw01lZJQDT5hj6vVyaJQ==

OPTIONS
H2 200 5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ 0
0 74ms
16ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: http://onurdanismanlik.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Sat, 01 Jan 2022 13:12:36 GMT
via: 1.1 varnish
x-served-by: cache-cdg20751-CDG
x-cache: HIT
x-cache-hits: 32
x-timer: S1641042757.721065,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

OPTIONS
H/1.1 200
OK tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 0
0 81ms
56ms Preflight 54.229.132.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Server: 54.229.132.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-87.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://onurdanismanlik.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 01 Jan 2022 13:12:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://onurdanismanlik.com.tr
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 5
Server: akka-http/10.2.7

GET
H2 200 5b82f23280914154b163996e Show response
app.launchdarkly.com/sdk/goals/ 2 B
179 B 16ms
16ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e

Requested by

Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/2.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
date: Sat, 01 Jan 2022 13:12:36 GMT
content-length: 26
x-served-by: cache-cdg20751-CDG
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1641042757.737761,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 9

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 304ms
99ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
183 B 301ms
98ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 306ms
103ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 305ms
103ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 304ms
104ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 309ms
109ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 309ms
110ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 313ms
115ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 307ms
110ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 202 capture Show response
capture.trackjs.com/ 0
27 B 312ms
115ms XHR
text/plain 149.56.21.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=c695133a6747471db439aca0a2500556&v=3.7.3
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.21.68 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-3.tjsint.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 01 Jan 2022 13:12:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin: *
arr-disable-session-affinity: true
cache-control: private
access-control-allow-headers: Content-Type
content-length: 0

POST
H/1.1 200
OK tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
491 B 57ms
52ms XHR
text/plain 54.229.132.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: HTTP/1.1
Server: 54.229.132.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-87.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 01 Jan 2022 13:12:36 GMT
Server: akka-http/10.2.7
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://onurdanismanlik.com.tr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
229 B 64ms
19ms Image
image/gif 51.89.217.92
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=c695133a6747471db439aca0a2500556&correlationId=f7ddbfbc-8a05-4593-b4ea-96d97dcf0c20&application=frontend-com&x=9a7a85e2-fc5b-4346-a529-9523d7d00a31&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.217.92 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-4.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://onurdanismanlik.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 01 Jan 2022 13:12:36 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

OPTIONS
H/1.1 200
OK tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 0
0 31ms
31ms Preflight 54.229.132.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Server: 54.229.132.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-87.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://onurdanismanlik.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 01 Jan 2022 13:12:36 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://onurdanismanlik.com.tr
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 5
Server: akka-http/10.2.7

POST
H/1.1 200
OK tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
491 B 35ms
35ms XHR
text/plain 54.229.132.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: prod-cdn.wetransfer.net
URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Protocol: HTTP/1.1
Server: 54.229.132.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-132-87.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://onurdanismanlik.com.tr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 01 Jan 2022 13:12:36 GMT
Server: akka-http/10.2.7
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://onurdanismanlik.com.tr
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

POST 5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ 0
0

OPTIONS 5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: events.launchdarkly.com
URL: https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Domain: events.launchdarkly.com
URL: https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.onurdanismanlik.com.tr/	1970-01-19 23:50:44	Name: _wt_snowplowses.515b Value: *
			.onurdanismanlik.com.tr/	1970-01-20 17:21:54	Name: _wt_snowplowid.515b Value: fb00d2bd-a285-4370-9d17-871701c33e25.1641042757.1.1641042757.1641042757.a225444f-9697-4bc2-9239-40d63cdb1c98

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/js/jquery-1.11.1.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/vendor.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/runtime.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/application.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/gtm.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/sp.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/runtime.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/vendor.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://onurdanismanlik.com.tr/WeTransfer2_files/application.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
capture.trackjs.com
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
onurdanismanlik.com.tr
prod-cdn.wetransfer.net
snowplow.wetransfer.com
usage.trackjs.com
www.googletagmanager.com
events.launchdarkly.com
13.32.27.84
149.56.21.68
151.101.194.217
185.179.24.161
2600:9000:206f:7600:6:bbf2:440:21
2a00:1450:4001:80e::2008
51.89.217.92
54.229.132.87
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4db429a101e237635a1724010425d3883c599bc8b6a0f9cd250cbac4fa044698
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5c0c35772d44973e345e28c4740bd7b418920fa2ada29460f2353386023fbda4
80d7739c0431b682bc199a173389da24543ab017afdea3a1ad6e0103ef4cb3e0
8494c88c5fd4cf4bb87ee42bf124846862b9b252ad3f41e6626ab5745be6d3de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
faca76279db9a9c8ce14e8038b244f518ab12c4fa9dc1618cb7e4f4eb81be925

onurdanismanlik.com.tr Open in urlscan Pro 185.179.24.161 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

41 %HTTPS

25 %IPv6

7 Domains

9 Subdomains

9 IPs

6 Countries

415 kBTransfer

1433 kBSize

2 Cookies

1 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onurdanismanlik.com.tr Open in urlscan Pro
185.179.24.161 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

41 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

9
IPs

6
Countries

415 kB
Transfer

1433 kB
Size

2
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!