secure-sahibindenparamguvende-com.tk
20.223.132.10  Malicious Activity! Public Scan

Submitted URL: http://secure-sahibindenparamguvende-com.tk/
Effective URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Submission: On April 28 via api from GB — Scanned from GB

Summary

This website contacted 5 IPs in 4 countries across 3 domains to perform 29 HTTP transactions. The main IP is 20.223.132.10, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secure-sahibindenparamguvende-com.tk.
TLS certificate: Issued by R3 on April 27th 2022. Valid for: 3 months.
This is the only time secure-sahibindenparamguvende-com.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sahibinden (Classifieds)

Domain & IP information

IP Address AS Autonomous System
2 22 20.223.132.10 8075 (MICROSOFT...)
7 2a03:90c0:41:... 199524 (GCORE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.154.209.182 200350 (YANDEXCLOUD)
29 5
Apex Domain
Subdomains
Transfer
22 secure-sahibindenparamguvende-com.tk
secure-sahibindenparamguvende-com.tk
159 KB
8 jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 30719
node-ya13.jivosite.com — Cisco Umbrella Rank: 175869
355 KB
1 hizliresim.com
i.hizliresim.com — Cisco Umbrella Rank: 135214
136 KB
29 3
Domain Requested by
22 secure-sahibindenparamguvende-com.tk 2 redirects secure-sahibindenparamguvende-com.tk
7 code.jivosite.com secure-sahibindenparamguvende-com.tk
code.jivosite.com
1 node-ya13.jivosite.com code.jivosite.com
1 i.hizliresim.com secure-sahibindenparamguvende-com.tk
29 4
Subject | Issuer | Validity | Valid
secure-sahibindenparamguvende-com.tk | R3 | 2022-04-27 - 2022-07-26 | 3 months
*.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2020-04-05 - 2022-06-04 | 2 years
*.hizliresim.com | E1 | 2022-03-30 - 2022-06-28 | 3 months

This page contains 1 frame:

Primary Page: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Frame ID: 595A441AAC7B6D145DCD3AA4510FD519
Requests: 32 HTTP requests in this frame

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 50 %
Domains: 3
Subdomains: 4
IPs: 5
Countries: 4
Transfer: 650 kB
Size: 2382 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure-sahibindenparamguvende-com.tk/ HTTP 301
    https://secure-sahibindenparamguvende-com.tk/ Page URL
  2. https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f HTTP 301
    https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://secure-sahibindenparamguvende-com.tk/ HTTP 301
  • https://secure-sahibindenparamguvende-com.tk/

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
secure-sahibindenparamguvende-com.tk/
Redirect Chain
  • http://secure-sahibindenparamguvende-com.tk/
  • https://secure-sahibindenparamguvende-com.tk/
94 B
313 B
Document
General
Full URL
https://secure-sahibindenparamguvende-com.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
105
content-type
text/html
date
Thu, 28 Apr 2022 09:37:06 GMT
etag
"5e-5d770bab0a100-gzip"
last-modified
Mon, 07 Feb 2022 17:14:12 GMT
server
nginx
vary
Accept-Encoding
x-accel-version
0.01
x-powered-by
PleskLin

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 28 Apr 2022 09:37:06 GMT
Location
https://secure-sahibindenparamguvende-com.tk/
Server
nginx
Primary Request /
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Redirect Chain
  • https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f
  • https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
556 KB
103 KB
Document
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d43faf6a9449cb0af0c2ceb392f093469f0421439b486ad0427b6085b72aaffd

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Thu, 28 Apr 2022 09:37:06 GMT
etag
W/"626a5e3d-8b0eb"
last-modified
Thu, 28 Apr 2022 09:28:29 GMT
server
nginx
x-powered-by
PleskLin

Redirect headers

content-length
394
content-type
text/html; charset=iso-8859-1
date
Thu, 28 Apr 2022 09:37:06 GMT
location
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
server
nginx
x-powered-by
PleskLin
iIj3o4Ji9r
code.jivosite.com/widget/
17 KB
6 KB
Script
General
Full URL
https://code.jivosite.com/widget/iIj3o4Ji9r
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b9fb147e8ae45337833ad0499de29f4ada3dd85f0f317c718a9be95e5d090297

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2022-04-27T22:41:17+00:00
x-geo-shard
ya
content-length
5925
last-modified
Thu, 21 Apr 2022 08:40:29 GMT
server
nginx
etag
"6261187d-1725"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=7200
cache
STALE
accept-ranges
bytes
expires
Wed, 27 Apr 2022 17:53:05 GMT
tkluav9.png
i.hizliresim.com/
135 KB
136 KB
Image
General
Full URL
https://i.hizliresim.com/tkluav9.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
084927bfd72645e81fc335c9ebcd123fe67daccb7b5cc39c9cce9eaa6903e17d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
C865748F3D0E29D0
cf-polished
origFmt=png, origSize=308031
content-disposition
inline; filename="tkluav9.webp"
x-amz-id-2
+lQz0AuEMgjGM9DMXKFgT5hr9REzuEitgIS6MnB9lxgP+Phtv1vw47uQ7Qe/v5ANB1oyH4X/Bhn5
last-modified
Thu, 28 Apr 2022 09:24:59 GMT
server
cloudflare
etag
W/"2e18d3d861e53d48975b73fe25d1d690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FryzFys%2FNY%2BGuyN2KNTaShANliZsihbUYrdCgUFN0D0%2FCQ32V4P6ySxXxCAPg0ahr5Nz1MdPMxNbeLFc3hdcKEpUAh1GJE6E2Xgf%2BFbd60PcJ5I38Duec6SFJLTCt9eOcAaA9aEdSisussxGCrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 05 May 2022 09:25:01 GMT
cache-control
max-age=604800
cf-ray
702ed140cf50776d-LHR
cf-bgj
imgq:100,h2pri
kk_onyuz_amex5e54744a1a52232b43d415acb9582671.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
437 B
606 B
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/kk_onyuz_amex5e54744a1a52232b43d415acb9582671.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5b5336f4d0a9c38c66a4115964b2179b41d37ad63cd1ee00cfc218192b839311

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
etag
"1b5-5cd03643f0180"
last-modified
Tue, 28 Sep 2021 00:35:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
437
kk_onyuz_defaultb6f656c5f31b93ffb03fd115f293e2cb.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
326 B
495 B
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/kk_onyuz_defaultb6f656c5f31b93ffb03fd115f293e2cb.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a35a1e83df7a377b4276b1327aab46f50f7e1a3834dc4f3d4d8497103e09a732

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
etag
"146-5cd03643f0180"
last-modified
Tue, 28 Sep 2021 00:35:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
326
header8ea4db8447fdc3b5e6a5a10df4e706d7.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
47 KB
47 KB
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/header8ea4db8447fdc3b5e6a5a10df4e706d7.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
259f8601c84926f0d1a06795a45d76c4deb33b63c1ca3432b50db9609dfa9c75

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
last-modified
Tue, 28 Sep 2021 00:35:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"61526358-ba81"
content-type
image/png
accept-ranges
bytes
content-length
47745
truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
affe37b465da5c8e7605b32ce0f19dd9c4d10a73f9a9c73484c98336bb6af25d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/jpeg
LucidaGrande:ac6eab3860943d84118563394a9d86b3.woff
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/LucidaGrande:ac6eab3860943d84118563394a9d86b3.woff
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
footer:431f7032690d6f5c31a44bc8e7413480.png
secure-sahibindenparamguvende-com.tk/assets/images/
808 B
808 B
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/images/footer:431f7032690d6f5c31a44bc8e7413480.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
secure-sahibindenparamguvende-com.tk/assets/images/
808 B
808 B
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/images/group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
LucidaGrande-Bold:d6dc488393ebe0e7e04044b162f0967a.woff
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/LucidaGrande-Bold:d6dc488393ebe0e7e04044b162f0967a.woff
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
email-decode.min.js
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/cdn-cgi/scripts/5c5dd728/cloudflare-static/
0
0
Script
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
paris-secure5901124c86292eab71a18bb98eb32882.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
1 KB
2 KB
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/paris-secure5901124c86292eab71a18bb98eb32882.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ea49bae2caa7c68be52d53a86906b2dd0df58a9962f2c73011508d993784d5d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
last-modified
Tue, 28 Sep 2021 00:35:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"61526356-5b3"
content-type
image/png
accept-ranges
bytes
content-length
1459
paris-shipping57431b3f008cab82f48d881da608e5ec.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
1 KB
1 KB
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/paris-shipping57431b3f008cab82f48d881da608e5ec.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b267eccff7cac3cc84281bc08777ab5f58a3b925f10c6423a8eb6b48f91b8e14

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
last-modified
Tue, 28 Sep 2021 00:35:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"61526356-568"
content-type
image/png
accept-ranges
bytes
content-length
1384
paris-installment227032effd36f6a196d57fe2abd2d3cf.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
823 B
992 B
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/paris-installment227032effd36f6a196d57fe2abd2d3cf.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
60769387b8e3b5a4e390c0b90dab0a010499cd6a0adcdf80f0afe283a3e000b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
etag
"337-5dd8bd7179d42"
last-modified
Tue, 26 Apr 2022 10:06:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
823
paris-return8c2514a32579e65fbc8f9f55ab169ca7.png
secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/
1 KB
2 KB
Image
General
Full URL
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/assets/images/paris-return8c2514a32579e65fbc8f9f55ab169ca7.png
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2f045d25fe7734d848f1d3606f7bcf1e42a71b28eabedcbce4dc7ecc394ed862

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
last-modified
Tue, 28 Sep 2021 00:35:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"61526356-59c"
content-type
image/png
accept-ranges
bytes
content-length
1436
AvenirNextLTW04-Medium:0593ca00c5a519fc8a6401f235793b1e.woff
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextLTW04-Medium:0593ca00c5a519fc8a6401f235793b1e.woff
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
AvenirNextW04-Demi:71c9ab83a35d5b47858cf615b4d57b91.woff
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextW04-Demi:71c9ab83a35d5b47858cf615b4d57b91.woff
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
AvenirNextLTW04-Medium:d368750b9ae601515fcda40e5c46ea45.ttf
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextLTW04-Medium:d368750b9ae601515fcda40e5c46ea45.ttf
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
AvenirNextW04-Demi:93aa83272eb53f08244a3637b0b1e970.ttf
secure-sahibindenparamguvende-com.tk/assets/blob/
0
0
Font
General
Full URL
https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextW04-Demi:93aa83272eb53f08244a3637b0b1e970.ttf
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.223.132.10 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/255hg5h35fg235gfhf3h5g25fg25h2f/
Origin
https://secure-sahibindenparamguvende-com.tk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 09:37:06 GMT
content-encoding
br
last-modified
Tue, 26 Apr 2022 09:47:36 GMT
server
nginx
etag
W/"328-5dd8b952bdc4e"
content-type
text/html
iIj3o4Ji9r
code.jivosite.com/script/widget/config/
3 KB
1 KB
XHR
General
Full URL
https://code.jivosite.com/script/widget/config/iIj3o4Ji9r
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/iIj3o4Ji9r
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
259c15a100ea2c4f35ebe579e14392ec5ee9014c24f35e10e9f1ae05e4bf75f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Thu, 28 Apr 2022 09:37:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cached-since
2022-04-27T22:41:17+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
STALE
accept-ranges
bytes
x-geo-shard
ya
content-length
1075
via
1.1 sharxy
expires
Thu, 28 Apr 2022 00:41:17 GMT
iIj3o4Ji9r
node-ya13.jivosite.com/widget/status/1970777/
214 B
547 B
XHR
General
Full URL
https://node-ya13.jivosite.com/widget/status/1970777/iIj3o4Ji9r?rnd=0.6792401943538124
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/iIj3o4Ji9r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.154.209.182 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
foxy /
Resource Hash
c35fdab8a8f6d1621f71e99405b1de6b4c2a189da0b98015e6c3361d7d34a4ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
server
foxy
x-botmode
no
x-geoip
GB;ENG;London
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure-sahibindenparamguvende-com.tk
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
214
date
Thu, 28 Apr 2022 09:37:08 GMT
bundle_tr.js
code.jivosite.com/js/
1 MB
282 KB
Script
General
Full URL
https://code.jivosite.com/js/bundle_tr.js?rand=1651066241
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/widget/iIj3o4Ji9r
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
065f366d510f2532215d4be45942814f189a719aa10769061aae6b57af55e3e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Thu, 28 Apr 2022 09:37:09 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2022-04-27T13:32:00+00:00
x-geo-shard
ya
content-length
288294
last-modified
Thu, 21 Apr 2022 08:41:45 GMT
server
nginx
etag
"626118c9-46626"
vary
Accept-Encoding
content-type
application/javascript
via
threatpulse, 1.1 sharxy
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivosite.com/css/77034a4/
242 KB
51 KB
Stylesheet
General
Full URL
https://code.jivosite.com/css/77034a4/widget.css
Requested by
Host: secure-sahibindenparamguvende-com.tk
URL: https://secure-sahibindenparamguvende-com.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8f7376eb3847c6184807f082ad5e4724d2081d54cddf69759340e3971ff99e25

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://secure-sahibindenparamguvende-com.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 28 Apr 2022 09:37:10 GMT
content-encoding
br
x-cached-since
2022-04-27T13:30:58+00:00
x-geo-shard
ya
content-length
51687
last-modified
Thu, 21 Apr 2022 08:41:23 GMT
server
nginx
etag
"626118b3-c9e7"
vary
Accept-Encoding
content-type
text/css
via
1.1 sharxy
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Sat, 07 May 2022 13:30:58 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
238458332b22ccf7d78deac5a932f7d56fabaee575b8a1df679c46a65aa4583c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/
4 KB
4 KB
Media
General
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc34
date
Thu, 28 Apr 2022 09:37:10 GMT
via
1.1 sharxy
x-cached-since
2022-04-15T10:33:43+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
ya
Content-Length
3760
last-modified
Wed, 30 Mar 2022 14:36:10 GMT
server
nginx
etag
"62446ada-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 15 May 2022 10:33:43 GMT
notification.mp3
code.jivosite.com/sounds/
6 KB
6 KB
Media
General
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc32
date
Thu, 28 Apr 2022 09:37:10 GMT
via
1.1 sharxy
x-cached-since
2022-04-15T10:47:14+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
ya
Content-Length
5808
last-modified
Wed, 30 Mar 2022 14:36:10 GMT
server
nginx
etag
"62446ada-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 15 May 2022 10:47:14 GMT
outgoing_message.mp3
code.jivosite.com/sounds/
5 KB
5 KB
Media
General
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://secure-sahibindenparamguvende-com.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc32
date
Thu, 28 Apr 2022 09:37:10 GMT
via
1.1 sharxy
x-cached-since
2022-04-15T10:47:49+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
ya
Content-Length
5014
last-modified
Wed, 30 Mar 2022 14:36:10 GMT
server
nginx
etag
"62446ada-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 15 May 2022 10:47:49 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sahibinden (Classifieds)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
function| __jivoOnError
boolean| __hasStorage
function| __jivoBundleOnLoad
function| __jivoBundleInit
function| jivo_init
function| jivo_destroy
object| jivo_config
string| jivo_version
object| jivo_api

0 Cookies

11 Console Messages

Source Level URL
Text
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/images/group-2:aa3f890f7a83e1ccf00f8a24b53f033b.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextLTW04-Medium:01966d00d03af3048b3f7a35b000f3a6.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/images/footer:431f7032690d6f5c31a44bc8e7413480.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/LucidaGrande:ac6eab3860943d84118563394a9d86b3.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextW04-Demi:ff4b64120fd7273a6eea62db3bf1eee5.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/LucidaGrande-Bold:d6dc488393ebe0e7e04044b162f0967a.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/guvenli-ode/odeme-yap/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextLTW04-Medium:0593ca00c5a519fc8a6401f235793b1e.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextW04-Demi:71c9ab83a35d5b47858cf615b4d57b91.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextW04-Demi:93aa83272eb53f08244a3637b0b1e970.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure-sahibindenparamguvende-com.tk/assets/blob/AvenirNextLTW04-Medium:d368750b9ae601515fcda40e5c46ea45.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
