esasguvenlik.com Open in urlscan Pro
109.232.216.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://esasguvenlik.com/wp-content/themes/kyc/
Submission: On August 13 via automatic, source openphish (August 13th 2023, 3:06:51 pm UTC) — Scanned from DE

Summary HTTP 59 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 59 HTTP transactions. The main IP is 109.232.216.100, located in Istanbul, Turkey and belongs to AEROTEK-AS, TR. The main domain is esasguvenlik.com.
TLS certificate: Issued by R3 on August 4th 2023. Valid for: 3 months.

This is the only time esasguvenlik.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Randolph Brooks Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 30	109.232.216.100 109.232.216.100	42807 (AEROTEK-AS) (AEROTEK-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	3.161.119.111 3.161.119.111	16509 (AMAZON-02) (AMAZON-02)
5	99.86.4.104 99.86.4.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.21.2.28 52.21.2.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:230... 2600:9000:2304:7000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
59	14

30 109.232.216.100 (Istanbul, Turkey) 1 redirects

ASN42807 (AEROTEK-AS, TR)
PTR: srvc99.turhost.com

esasguvenlik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.161.119.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-111.vie50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.4.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-104.fra6.r.cloudfront.net

cdn.segmint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.2.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-2-28.compute-1.amazonaws.com

content-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:7000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	esasguvenlik.com 1 redirects esasguvenlik.com	3 MB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
5	segmint.net cdn.segmint.net — Cisco Umbrella Rank: 37307	18 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 386	186 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 374	13 KB
3	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3629	62 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 890	399 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114	346 B
1	content-cdn.com content-cdn.com — Cisco Umbrella Rank: 454834	185 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 819	5 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 368	533 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	92 KB
59	13

	Domain	Requested by
30	esasguvenlik.com	1 redirects esasguvenlik.com
6	www.google-analytics.com	esasguvenlik.com cdn.appdynamics.com
5	cdn.segmint.net	esasguvenlik.com
5	maps.googleapis.com	esasguvenlik.com cdn.appdynamics.com
3	bat.bing.com	cdn.appdynamics.com esasguvenlik.com
3	cdn.appdynamics.com	esasguvenlik.com cdn.appdynamics.com
1	cdn.linkedin.oribi.io	esasguvenlik.com
1	stats.g.doubleclick.net	esasguvenlik.com
1	content-cdn.com	esasguvenlik.com
1	snap.licdn.com	cdn.appdynamics.com
1	fonts.gstatic.com	esasguvenlik.com
1	px.ads.linkedin.com	esasguvenlik.com
1	www.googletagmanager.com	esasguvenlik.com
59	13

This site contains links to these domains. Also see Links.

Domain
www.rbfcu.org

Subject Issuer	Validity	Valid
*.esasguvenlik.com R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-21`	a year	crt.sh
*.segmint.net Amazon RSA 2048 M02	`2023-03-01` - `2023-12-30`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
content-cdn.com R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://esasguvenlik.com/wp-content/themes/kyc/
Frame ID: 455946FE27D56F59960A892B969EF635
Requests: 56 HTTP requests in this frame

Frame: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/adrum-xd.html
Frame ID: 7928449F905A3BA5495B12180BC32A07
Requests: 1 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.bf71fe39e20d2aa8ad53d37ab6377745.html
Frame ID: 41BD4CC099D1BE27490B187BA18A5D25
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RBFCU - Sign In

Page URL History Show full URLs

https://esasguvenlik.com/wp-content/themes/kyc HTTP 301
https://esasguvenlik.com/wp-content/themes/kyc/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

59
Requests

98 %
HTTPS

69 %
IPv6

13
Domains

13
Subdomains

14
IPs

4
Countries

3157 kB
Transfer

9636 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rbfcu.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://esasguvenlik.com/wp-content/themes/kyc HTTP 301
https://esasguvenlik.com/wp-content/themes/kyc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
esasguvenlik.com/wp-content/themes/kyc/
Redirect Chain

https://esasguvenlik.com/wp-content/themes/kyc
https://esasguvenlik.com/wp-content/themes/kyc/

63 KB
14 KB

142ms
141ms

Document
text/html

109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 3b5f15e3260cca4a0b4d5ced2ecba3c04987bc909073dc1f115e837cdc2ee596

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-type: text/html
date: Sun, 13 Aug 2023 15:06:45 GMT
etag: "fdae-64d800e6-42156c3aeccb986b;br"
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html
date: Sun, 13 Aug 2023 15:06:45 GMT
location: https://esasguvenlik.com/wp-content/themes/kyc/

GET
H2 200 adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 53 KB
20 KB 71ms
70ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: c467bda1165bf9045b308d280d552bce7c33d99d5a6c341d6093956a8b1da2a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "d381-64d800e7-f5713a04696abb01;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 insight.min.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 13 KB
5 KB 141ms
140ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/insight.min.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "351c-64d800e6-3f552b85e793694f;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 analytics.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 52 KB
24 KB 71ms
71ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/analytics.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "ceb4-64d800e6-360e5308389d9819;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 gtm.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 300 KB
114 KB 70ms
69ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/gtm.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 8f004670c4dbac13a6ad1b31f35e4808515f7f554651cfe8df0fdbf8d8c0059c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "4b1e0-64d800e6-96c9324db4148eb9;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 randolph-common_002.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 501 B
255 B 140ms
138ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_002.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: c3ea392d82c1bc2d170ff5e3908afb327715a29f7a84fee11bfda71c85a22026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "1f5-64d800e6-7c6faa453398481b;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 randolph-common_003.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 20 KB
8 KB 140ms
139ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 508b9489cab298838148ed39a37d62ab381ba9c673e153fe3aeafa0ce944e777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "51ab-64d800e6-e3c2ca91cac05150;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 randolph-common.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 290 KB
173 KB 72ms
69ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 7039dd4b6e25b3b0da841e618932e2a816097be6ef7a03d140aebb9bb9993c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "48831-64d800e6-912a4b89313033db;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 icon.css
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 571 B
447 B 141ms
139ms Stylesheet
text/css 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/icon.css
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: baca8c18e91cad6bdf8002173cec59015af5d6c11bb44040b29ca3832fa53dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "23b-64d800e6-b8d83d064f34dcd1;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 css.css
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 26 KB
1 KB 141ms
140ms Stylesheet
text/css 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/css.css
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 24d71357194f5f6fc24a294faeb1e17d9ff3f44f3f1ace21364ceb54c7a1fd5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "69ff-64d800e6-353e6f51daa59e7d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 trustev.min.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 35 KB
9 KB 208ms
207ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/trustev.min.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 32af4f2fc5fa005f5e129be5e61796337b091a0c6e8670f0b718350340d9d398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "8a3a-64d800e6-6bbfeb909629b12b;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 additional.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 72 B
129 B 209ms
207ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/additional.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: aa336a5c506ccf90651922b6545257b3130da8d8020e63c416a2242b22958d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "48-64d800e6-6c5c2032ed56e487;;;"
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 72
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 verification.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 791 B
558 B 77ms
74ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/verification.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 5400e75bc66806d500483dac515019bb0042ad2d595a2928a60bde4c5a59b084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "317-64d800e6-d13b6a42bed116e;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 js.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 243 KB
98 KB 209ms
208ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/js.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: ad2ec97cc29bc39d8dc3d917f0c16ecf870b22aed90156e23a4b03e6d91ff7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "3cb0a-64d800e6-cf0030e2b5fe7a8f;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 adrum-latest.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 111 KB
43 KB 279ms
277ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/adrum-latest.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: a6a1420f8ab5ad1b3760099a446859f6e47b713df0331aa53ed8f3562a2722e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "1ba86-64d800e7-bddc288c8e22024e;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 segmint.min.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 16 KB
6 KB 77ms
74ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/segmint.min.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: bbb6fd80dd733223ed988bcbaa33ccac8fa5488fd75927c3f071a23ff0beff5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "3f15-64d800e6-3a1e54be94114245;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 styles.6979cb0ab4da491abf2a.css
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 225 KB
54 KB 141ms
140ms Stylesheet
text/css 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/styles.6979cb0ab4da491abf2a.css
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 8a78d3c9afc0d4da1b1082a715463076193c2b881dd3b9bfb612075137c15ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "38290-64d800e6-aff60e14ae479536;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 common.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 260 KB
92 KB 279ms
278ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/common.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 58ed94893e4142be2847d35ed50d8c3cc9a9aca281143d7794658cb3adb82a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "40e59-64d800e7-56a124e055ffd411;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 util.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 159 KB
69 KB 279ms
278ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/util.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 143541f596e492db378b791f22a1bab26b16aba740a6b3627d09fe9e56323d66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "27ad7-64d800e6-cabba4e00b838a89;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 update-browser.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 1 KB
753 B 279ms
278ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/update-browser.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: eca4e8a9ec15f52484dd142c0330afc8b18f792a678a46ff0e0153f6b6320d86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "511-64d800e7-e27c48874012e064;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:45 GMT

GET
H2 200 rbfcu-logo.svg
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 5 KB
3 KB 78ms
75ms Image
image/svg+xml 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/rbfcu-logo.svg
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "1507-64d800e6-f2f9687cb57c1555;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 NCUA-logo-gray.svg
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 102 KB
33 KB 78ms
75ms Image
image/svg+xml 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/NCUA-logo-gray.svg
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 3dff3ca4b7e7bdeb6a9ee2c92c7141a270ab5f2373304299a99339ef96454759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "19884-64d800e6-bd15a109fd1cd4a;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 EHL-logo-gray.svg
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 2 KB
819 B 78ms
76ms Image
image/svg+xml 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/EHL-logo-gray.svg
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "64d-64d800e7-8c11d9586a7156af;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 runtime.32bf45fecb0575acfc2f.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 4 KB
3 KB 79ms
76ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/runtime.32bf45fecb0575acfc2f.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 180a8e7239e8636550ed79b7194d7f82645b7030bd2f99b417b7f9c153c9056b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "11a9-64d800e7-42c73efa229f3500;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 polyfills.8d842f0dbcbddf17adc5.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 188 KB
78 KB 79ms
76ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/polyfills.8d842f0dbcbddf17adc5.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: c72e39d5cbe0f6b5caaf21e0d614274b0dc0dd7a8e121ee88b72c0f3db95ea92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
etag: "2f157-64d800e6-559f7e0839d14b9f;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 scripts.b55470ab6cc97e7667fb.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 239 KB
96 KB 79ms
77ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/scripts.b55470ab6cc97e7667fb.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 7343e48c1f5d1a0e43164444d04642bbb947d0656c31372193207095d4af358e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "3bc9b-64d800e7-81ac8cbbdf76341;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 main.bcb66a5147e5444ce43c.js Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ 6 MB
2 MB 78ms
77ms Script
application/javascript 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/main.bcb66a5147e5444ce43c.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 2ef27711335b46a6f6a453b712c7965a60ca926c51a9e2e736a4c056c3c3286e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 22:00:07 GMT
etag: "5d116b-64d800e7-45b6735d5235b198;br"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:06:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
92 KB 201ms
66ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B5PGN

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed640af71c4bdc1663474042b056ecbfbee1fa832ac0e61184e03358a21cafa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 15:06:46 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
533 B 349ms
210ms Image
application/javascript 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1691939205678&url=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3A6B8F7F5F2D4DAC9C708FA5701CB831 Ref B: FRAEDGE1305 Ref C: 2023-08-13T15:06:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCz0tfsWAIjxVQb6nW3A==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 243 KB
78 KB 165ms
76ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC2AdLpShQk1DnoA0NHjCvvZQUevNDYHlQ

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7a83e1c177da24a5a77a089f69c10a3db6a4387fb4eb58fa46b81773c424d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 13 Aug 2023 15:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79990
x-xss-protection: 0

GET
H2 200 adrum-latest.js Show response
cdn.appdynamics.com/adrum/ 111 KB
40 KB 163ms
51ms Script
application/javascript 3.161.119.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-111.vie50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: a6a1420f8ab5ad1b3760099a446859f6e47b713df0331aa53ed8f3562a2722e1

Request headers

Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 30 Jul 2023 07:20:56 GMT
content-encoding: gzip
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 1237549
x-cache: Hit from cloudfront
last-modified: Thu, 29 Jun 2023 15:00:06 GMT
server: nginx/1.16.1
etag: W/"649d9c76-1ba86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b2je1Zy6G15hiycu8t_swF-r0hCWWdQAjD96J0VeMip3Czd2EcA_2w==

GET
H/1.1 200
OK segmint.min.js Show response
cdn.segmint.net/ 16 KB
16 KB 184ms
45ms Script
application/javascript 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/segmint.min.js
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb6fd80dd733223ed988bcbaa33ccac8fa5488fd75927c3f071a23ff0beff5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 06:12:10 GMT
Via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Last-Modified: Wed, 22 Mar 2023 12:29:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 32120
x-amz-server-side-encryption: AES256
ETag: "17b0c0ee75dfe9def11b42b282a91667"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age:900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16149
X-Amz-Cf-Id: Pc4QVNTi4aW2UaSD7gFg_t6XY3ojizRXobNXUKMedgp1mbutnwWp-g==

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 142ms
60ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://esasguvenlik.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 137ms
108ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://esasguvenlik.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 adrum-xd.html Show response
esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/ Frame 7928 2 KB
1 KB 153ms
153ms Document
text/html 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/adrum-xd.html
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: 72cb4d23cade810f02216e81e16b25af8b4b1354cab860de2ea8469bc7183fd8

Request headers

Referer: https://esasguvenlik.com/wp-content/themes/kyc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-type: text/html
date: Sun, 13 Aug 2023 15:06:46 GMT
etag: "812-64d800e6-c3b32d0e5bb1cebe;br"
last-modified: Sat, 12 Aug 2023 22:00:06 GMT
vary: Accept-Encoding

GET
H2 200 white-phone-header.8a484898163483972d21.svg
esasguvenlik.com/online/ 4 KB
4 KB 129ms
129ms Image
text/html 109.232.216.100
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esasguvenlik.com/online/white-phone-header.8a484898163483972d21.svg
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 109.232.216.100 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc99.turhost.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/wp-content/themes/kyc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: br
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges: bytes
etag: "1071-0-ee125477f2116a2c;br"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 154ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://esasguvenlik.com/
Origin: https://esasguvenlik.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 07:04:19 GMT
x-content-type-options: nosniff
age: 288147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Aug 2024 07:04:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 164ms
77ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1085500279&t=pageview&_s=1&dl=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1863702154&gjid=274517120&cid=522163926.1691939206&tid=UA-6286893-1&_gid=1678169106.1691939206&_r=1&_slc=1&gtm=45He3870n715B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=esasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&z=2088748160

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:06:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://esasguvenlik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 13:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4623
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 13 Aug 2023 15:49:43 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 140ms
40ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=81763
accept-ranges: bytes
content-length: 4862

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 157ms
64ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 13 Aug 2023 15:06:45 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7214348F08A74A6A80817BCB22CAF5E0 Ref B: FRA31EDGE0605 Ref C: 2023-08-13T15:06:46Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 dWdnY2Y6Ly9yZm5mdGhpcmF5dngucGJ6L2pjLXBiYWdyYWcvZ3VyenJmL3hscC8=.gif
content-cdn.com/990/ 42 B
185 B 512ms
256ms Image
image/gif 52.21.2.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content-cdn.com/990/dWdnY2Y6Ly9yZm5mdGhpcmF5dngucGJ6L2pjLXBiYWdyYWcvZ3VyenJmL3hscC8=.gif

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.21.2.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-2-28.compute-1.amazonaws.com

Software

envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:06:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 138
server: envoy
content-length: 42
vary: Origin
content-type: image/gif

GET
H/1.1 200
OK 9c5f6414-c968-4bd7-a81b-b661f66a7000.json Show response
cdn.segmint.net/ 161 B
771 B 53ms
53ms XHR
application/json 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aa159eea82ebc0d001771c5962ad5e577d5f73a5c0e728d5cbfd19eebfb5219

Request headers

Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 13 Aug 2023 15:06:46 GMT
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 351
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 161
Last-Modified: Wed, 11 Mar 2020 20:19:54 GMT
Server: AmazonS3
ETag: "8c239da2fb85196f49a8f207ae300041"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: DGtNez7NipSalg-8NUCcrt5s7uEyFl971cPU8qNPT_-bfTF_AFEiQA==

OPTIONS
H/1.1 200
OK 9c5f6414-c968-4bd7-a81b-b661f66a7000.json
cdn.segmint.net/ Frame 0
0 503ms
421ms Preflight 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://esasguvenlik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 13 Aug 2023 15:06:47 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NNWY5VXcRbHs2QMcGYqEI41X6EBeRxrt2_ItdhAcdi9sqqQjGmAA3w==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 149ms
49ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6286893-1&cid=522163926.1691939206&jid=1863702154&gjid=274517120&_gid=1678169106.1691939206&_u=aEBAAEAAEAAAACAAI~&z=2120124929

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Aug 2023 15:06:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://esasguvenlik.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK 9c5f6414-c968-4bd7-a81b-b661f66a7000.json
cdn.segmint.net/ Frame 0
0 499ms
413ms Preflight 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://esasguvenlik.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 13 Aug 2023 15:06:47 GMT
Server: AmazonS3
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: P8OdTW5XjRpDHS0ji0UU4BdlwIO0Fi_coskHPg1H6sq8m2Rlegz3IA==
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront

GET
H/1.1 200
OK 9c5f6414-c968-4bd7-a81b-b661f66a7000.json Show response
cdn.segmint.net/ 161 B
771 B 40ms
40ms XHR
application/json 99.86.4.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segmint.net/9c5f6414-c968-4bd7-a81b-b661f66a7000.json
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-104.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aa159eea82ebc0d001771c5962ad5e577d5f73a5c0e728d5cbfd19eebfb5219

Request headers

Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 13 Aug 2023 15:06:46 GMT
Via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Age: 351
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 161
Last-Modified: Wed, 11 Mar 2020 20:19:54 GMT
Server: AmazonS3
ETag: "8c239da2fb85196f49a8f207ae300041"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: AaR5lJ8N_h2bcTWy0UwG7qhSAAZGyOgNdethKoo46PiBI1VFZIwV2w==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2367698/domain/esasguvenlik.com/ 36 B
399 B 168ms
45ms XHR
application/json 2600:9000:2304:7000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2367698/domain/esasguvenlik.com/token
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common_003.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:7000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://esasguvenlik.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:48:51 GMT
content-encoding: gzip
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 1075
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-amz-cf-id: pceWZhN0r_7MHUADUnWzBFmaONXWYff-ccBzCoKA2aOcWTV7ICDlfA==

GET
H2 204 4031169.js Show response
bat.bing.com/p/action/ 0
118 B 64ms
64ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4031169.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 13 Aug 2023 15:06:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 59F58F6ADF0B4BCBB0A387C74327F427 Ref B: FRA31EDGE0605 Ref C: 2023-08-13T15:06:46Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 98ms
98ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4031169&Ver=2&mid=02e58aee-65d9-429b-823c-04fdb65f4096&sid=0556160039eb11eea700d17001c0218d&vid=0556073039eb11ee9ba32991366ba1d8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=RBFCU%20-%20Sign%20In&p=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&r=&evt=pageLoad&sv=1&rn=399798

Requested by

Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 13 Aug 2023 15:06:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC36D3A6A23143A6BACA885B29DE5E71 Ref B: FRA31EDGE0605 Ref C: 2023-08-13T15:06:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 56468533-84ac-48da-b8e9-dbc9b1de2536
https://esasguvenlik.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://esasguvenlik.com/56468533-84ac-48da-b8e9-dbc9b1de2536
Requested by: Host: esasguvenlik.com
URL: https://esasguvenlik.com/wp-content/themes/kyc/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H2 200 adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js Show response
cdn.appdynamics.com/ 53 KB
21 KB 51ms
51ms Script
application/javascript 3.161.119.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.bf71fe39e20d2aa8ad53d37ab6377745.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-111.vie50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: c467bda1165bf9045b308d280d552bce7c33d99d5a6c341d6093956a8b1da2a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 12:03:30 GMT
content-encoding: gzip
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 2343796
x-cache: Hit from cloudfront
last-modified: Tue, 27 Jun 2023 21:01:36 GMT
server: nginx/1.16.1
etag: W/"649b4e30-d381"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TbE5-OsBETezMEamP_XrHYPaCVsiPlH6elArz_1EJNKAdBrNoj0ZDQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1085500279&t=event&ni=1&_s=1&dl=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwp-content%2Fthemes%2Fkyc%2F&el=25%25&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=522163926.1691939206&tid=UA-6286893-1&_gid=1678169106.1691939206&gtm=45He3870n715B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=esasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=1092681714

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 08:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23175
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1085500279&t=event&ni=1&_s=1&dl=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwp-content%2Fthemes%2Fkyc%2F&el=50%25&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=522163926.1691939206&tid=UA-6286893-1&_gid=1678169106.1691939206&gtm=45He3870n715B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=esasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=858393884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 08:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23175
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1085500279&t=event&ni=1&_s=1&dl=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwp-content%2Fthemes%2Fkyc%2F&el=75%25&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=522163926.1691939206&tid=UA-6286893-1&_gid=1678169106.1691939206&gtm=45He3870n715B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=esasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=2079146839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 08:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23175
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 42ms
41ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1085500279&t=event&ni=1&_s=1&dl=https%3A%2F%2Fesasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&ul=en-us&de=UTF-8&dt=RBFCU%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwp-content%2Fthemes%2Fkyc%2F&el=100%25&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=522163926.1691939206&tid=UA-6286893-1&_gid=1678169106.1691939206&gtm=45He3870n715B5PGN&cd4=GTM-5B5PGN%20-%2043&cd5=&cd6=&cd7=esasguvenlik.com%2Fwp-content%2Fthemes%2Fkyc%2F&cd3=GA%20-%20Event%20-%20Scroll%20Depth&z=868065985

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 08:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23175
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adrum-xd.bf71fe39e20d2aa8ad53d37ab6377745.html Show response
cdn.appdynamics.com/ Frame 41BD 2 KB
2 KB 45ms
45ms Document
text/html 3.161.119.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-xd.bf71fe39e20d2aa8ad53d37ab6377745.html
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-111.vie50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 989cd8e034dc60b3da89fbdde11c85265b2da34a596072c356e3315c2878db0f

Request headers

Referer: https://esasguvenlik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
age: 1579442
cache-control: public, max-age=2678400, s-max-age=14400
content-encoding: gzip
content-type: text/html
date: Wed, 26 Jul 2023 08:22:45 GMT
etag: W/"649b4e30-7c8"
last-modified: Tue, 27 Jun 2023 21:01:36 GMT
server: nginx/1.16.1
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 b361826db8fe26bb15e77b0e0bcfb382.cloudfront.net (CloudFront)
x-amz-cf-id: 0TWOGzmDH9bV9L1bGjPqGzXiH3X_BOmBPstk0tW2mp_tcuioCCihAg==
x-amz-cf-pop: VIE50-P2
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/intl/de_ALL/ 260 KB
57 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/intl/de_ALL/common.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa7fcb7413f7b6cb9c0a76aadaa23a5e73ea367785cfc859a21dda19f6f226c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 06:04:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 464547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57809
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 06:04:24 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/53/14/intl/de_ALL/ 159 KB
50 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/53/14/intl/de_ALL/util.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21627001b40dde45bb3ba2d7d613cd6f42c438eb81ab924ddc56e14052b932e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://esasguvenlik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 22:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51142
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 04:14:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Aug 2024 22:55:12 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Randolph Brooks Federal Credit Union (Banking)

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.esasguvenlik.com/	1970-01-20 23:34:59	Name: _ga Value: GA1.2.522163926.1691939206
.esasguvenlik.com/	1970-01-20 14:00:25	Name: _gid Value: GA1.2.1678169106.1691939206
.esasguvenlik.com/	1970-01-20 13:58:59	Name: _gat_UA-6286893-1 Value: 1
.linkedin.com/	1970-01-20 22:44:35	Name: bcookie Value: "v=2&c384486a-8ee7-43ce-83d9-ef8507c783a8"
.linkedin.com/	1970-01-20 14:00:25	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2612:u=1:x=1:i=1691939206:t=1692025606:v=2:sig=AQENwPF-VfX0OkN6YqrF3ZiVdWKE3j3E"
.esasguvenlik.com/	1970-01-20 14:00:25	Name: _uetsid Value: 0556160039eb11eea700d17001c0218d
.esasguvenlik.com/	1970-01-20 23:20:35	Name: _uetvid Value: 0556073039eb11ee9ba32991366ba1d8
.bing.com/	1970-01-20 23:20:35	Name: MUID Value: 2DA0E7120E016C6B31D6F47E0F8A6D21
esasguvenlik.com/	1970-01-20 14:00:25	Name: ln_or Value: eyIyMzY3Njk4IjoiZCJ9

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://esasguvenlik.com/wp-content/themes/kyc/(Line 57) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC2AdLpShQk1DnoA0NHjCvvZQUevNDYHlQ, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://esasguvenlik.com/wp-content/themes/kyc/(Line 57) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyC2AdLpShQk1DnoA0NHjCvvZQUevNDYHlQ, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://esasguvenlik.com/wp-content/themes/kyc/(Line 58) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.appdynamics.com/adrum/adrum-latest.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering	warning	URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://esasguvenlik.com/wp-content/themes/kyc/RBFCU%20-%20Sign%20In_files/randolph-common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.appdynamics.com
cdn.linkedin.oribi.io
cdn.segmint.net
content-cdn.com
esasguvenlik.com
fonts.gstatic.com
maps.googleapis.com
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
109.232.216.100
2600:9000:2304:7000:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:400c:c0b::9a
2a02:26f0:3500:16::215:149b
3.161.119.111
52.21.2.28
99.86.4.104
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884
0aa159eea82ebc0d001771c5962ad5e577d5f73a5c0e728d5cbfd19eebfb5219
143541f596e492db378b791f22a1bab26b16aba740a6b3627d09fe9e56323d66
180a8e7239e8636550ed79b7194d7f82645b7030bd2f99b417b7f9c153c9056b
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
21627001b40dde45bb3ba2d7d613cd6f42c438eb81ab924ddc56e14052b932e4
24d71357194f5f6fc24a294faeb1e17d9ff3f44f3f1ace21364ceb54c7a1fd5a
2ef27711335b46a6f6a453b712c7965a60ca926c51a9e2e736a4c056c3c3286e
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
32af4f2fc5fa005f5e129be5e61796337b091a0c6e8670f0b718350340d9d398
3b5f15e3260cca4a0b4d5ced2ecba3c04987bc909073dc1f115e837cdc2ee596
3dff3ca4b7e7bdeb6a9ee2c92c7141a270ab5f2373304299a99339ef96454759
508b9489cab298838148ed39a37d62ab381ba9c673e153fe3aeafa0ce944e777
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5400e75bc66806d500483dac515019bb0042ad2d595a2928a60bde4c5a59b084
58ed94893e4142be2847d35ed50d8c3cc9a9aca281143d7794658cb3adb82a9c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7039dd4b6e25b3b0da841e618932e2a816097be6ef7a03d140aebb9bb9993c86
72cb4d23cade810f02216e81e16b25af8b4b1354cab860de2ea8469bc7183fd8
7343e48c1f5d1a0e43164444d04642bbb947d0656c31372193207095d4af358e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a78d3c9afc0d4da1b1082a715463076193c2b881dd3b9bfb612075137c15ec5
8f004670c4dbac13a6ad1b31f35e4808515f7f554651cfe8df0fdbf8d8c0059c
989cd8e034dc60b3da89fbdde11c85265b2da34a596072c356e3315c2878db0f
a6a1420f8ab5ad1b3760099a446859f6e47b713df0331aa53ed8f3562a2722e1
aa336a5c506ccf90651922b6545257b3130da8d8020e63c416a2242b22958d47
ad2ec97cc29bc39d8dc3d917f0c16ecf870b22aed90156e23a4b03e6d91ff7a3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
baca8c18e91cad6bdf8002173cec59015af5d6c11bb44040b29ca3832fa53dd0
bbb6fd80dd733223ed988bcbaa33ccac8fa5488fd75927c3f071a23ff0beff5f
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c3ea392d82c1bc2d170ff5e3908afb327715a29f7a84fee11bfda71c85a22026
c467bda1165bf9045b308d280d552bce7c33d99d5a6c341d6093956a8b1da2a5
c72e39d5cbe0f6b5caaf21e0d614274b0dc0dd7a8e121ee88b72c0f3db95ea92
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7a83e1c177da24a5a77a089f69c10a3db6a4387fb4eb58fa46b81773c424d64
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca4e8a9ec15f52484dd142c0330afc8b18f792a678a46ff0e0153f6b6320d86
ed640af71c4bdc1663474042b056ecbfbee1fa832ac0e61184e03358a21cafa0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fa7fcb7413f7b6cb9c0a76aadaa23a5e73ea367785cfc859a21dda19f6f226c9

esasguvenlik.com Open in urlscan Pro 109.232.216.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

98 %HTTPS

69 %IPv6

13 Domains

13 Subdomains

14 IPs

4 Countries

3157 kBTransfer

9636 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

esasguvenlik.com Open in urlscan Pro
109.232.216.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

98 %
HTTPS

69 %
IPv6

13
Domains

13
Subdomains

14
IPs

4
Countries

3157 kB
Transfer

9636 kB
Size

9
Cookies

59 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!