signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr Open in urlscan Pro
109.232.216.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Submission: On November 27 via automatic, source openphish (November 27th 2020, 1:35:34 pm UTC)

Summary HTTP 31 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 109.232.216.219, located in Istanbul, Turkey and belongs to AEROTEK-AS, TR. The main domain is signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr.

This is the only time signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	109.232.216.219 109.232.216.219	42807 (AEROTEK-AS) (AEROTEK-AS)
1	209.140.129.54 209.140.129.54	11643 (EBAY) (EBAY)
1	13.224.93.112 13.224.93.112	16509 (AMAZON-02) (AMAZON-02)
1 2	13.224.93.119 13.224.93.119	16509 (AMAZON-02) (AMAZON-02)
1	52.5.0.90 52.5.0.90	14618 (AMAZON-AES) (AMAZON-AES)
3	54.174.77.43 54.174.77.43	14618 (AMAZON-AES) (AMAZON-AES)
5	18.213.255.128 18.213.255.128	14618 (AMAZON-AES) (AMAZON-AES)
31	8

16 109.232.216.219 (Istanbul, Turkey)

ASN42807 (AEROTEK-AS, TR)
PTR: srvc219.trwww.com

signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.129.54 (United States)

ASN11643 (EBAY, US)

srv.de.ebayrtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-112.zrh50.r.cloudfront.net

adf0901f1861.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.93.119 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-119.zrh50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.0.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-0-90.compute-1.amazonaws.com

68a4932ffca64946bd218bdf95ea4e08-adf0901f1861.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.174.77.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-77-43.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.213.255.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-255-128.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	performansgrup.com.tr signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr	72 KB
12	forter.com 1 redirects adf0901f1861.cdn4.forter.com cdn9.forter.com 68a4932ffca64946bd218bdf95ea4e08-adf0901f1861.cdn.forter.com cdn3.forter.com cdn0.forter.com	59 KB
1	ebayrtm.com srv.de.ebayrtm.com	399 B
0	paypal.com Failed c.paypal.com Failed
31	4

	Domain	Requested by
16	signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr	signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
5	cdn0.forter.com	adf0901f1861.cdn4.forter.com
3	cdn3.forter.com	adf0901f1861.cdn4.forter.com
2	cdn9.forter.com	1 redirects
1	68a4932ffca64946bd218bdf95ea4e08-adf0901f1861.cdn.forter.com	adf0901f1861.cdn4.forter.com
1	adf0901f1861.cdn4.forter.com	signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
1	srv.de.ebayrtm.com	signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
0	c.paypal.com Failed	signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
31	8

This site contains links to these domains. Also see Links.

Domain
www.ebay.de
pages.ebay.de
trustsealinfo.websecurity.norton.com

Subject Issuer	Validity	Valid
srv.ebayrtm.com Sectigo RSA Organization Validation Secure Server CA	`2020-03-02` - `2021-03-02`	a year	crt.sh
*.cdn4.forter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-18` - `2021-12-14`	a year	crt.sh
cdn9.forter.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
*.cdn.forter.com DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-07-07`	10 months	crt.sh
cdn3.forter.com DigiCert SHA2 Secure Server CA	`2019-03-24` - `2021-06-16`	2 years	crt.sh
cdn0.forter.com DigiCert SHA2 Secure Server CA	`2020-09-20` - `2021-06-13`	9 months	crt.sh

This page contains 4 frames:

Primary Page: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Frame ID: 99D2B5C0195A7325CB31172FFA42993C
Requests: 28 HTTP requests in this frame

Frame: https://c.paypal.com/da/r/efb.js
Frame ID: 1669E549D2F629EB3C9B18A95CCD4FCD
Requests: 1 HTTP requests in this frame

Frame: https://srv.de.ebayrtm.com/rtm?RtmGetCapJs&p=18&rqid=816ef2b01720aa660b25f8faffffffff&cb=parent.window.updateRtmField
Frame ID: 7E5BA1EF8D256207E675B83C28A3B03D
Requests: 1 HTTP requests in this frame

Frame: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/t_n.htm
Frame ID: 849A592524360B4C1C9F68BCC34E37B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

31
Requests

39 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

8
IPs

2
Countries

131 kB
Transfer

377 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ebay.de/

Search URL Search Domain Scan URL

URL: https://pages.ebay.de/help/policies/user-agreement.html
Title: eBay-AGB

Search URL Search Domain Scan URL

URL: https://pages.ebay.de/help/policies/privacy-policy.html
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://pages.ebay.de/help/account/cookies-web-beacons.html
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.ebay.de/adchoice
Title: AdChoice

Search URL Search Domain Scan URL

URL: https://trustsealinfo.websecurity.norton.com/splash?form_file=fdf/splash.fdf&dn=www.ebay.de&lang=de
Title: Norton Secured - powered by Verisign

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/78b70b9f35492e2d6b77e31c18a702b9a2e79c0a26da1233b1e3340ebb91c21cac7f4bce65135fe3d8f140d6a073

31 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 4c1f00cd117e0f1e8e42a646ccb9ffcc.php Show response
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/ 213 KB
69 KB 187ms
163ms Document
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: / PHP/5.5.38
Resource Hash: 7aaca7efdc0fc3fa23c25458ff2c8d784bb244daeb54bb238efcd5f7bacbed21

Request headers

Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/5.5.38
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 27 Nov 2020 13:35:18 GMT

GET
H/1.1 404
Not Found script.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 141ms
123ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/script.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found 34wtddjp0q1v1dtu2elv5jwg4yf.css
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 148ms
131ms Stylesheet
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/34wtddjp0q1v1dtu2elv5jwg4yf.css
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found signin-render-lag915Ap.css
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 146ms
129ms Stylesheet
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/signin-render-lag915Ap.css
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found nkfytkqtoxtljvzb.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 143ms
125ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/nkfytkqtoxtljvzb.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found fxxj3ttftm5ltcqnto1o4baovyl.png
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 707 B
707 B 144ms
126ms Image
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/fxxj3ttftm5ltcqnto1o4baovyl.png
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash: d090a4047a92954a06c1d411213d273696225e8eb2de9e795a04bdec68ced05a

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found a.png
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/ 707 B
707 B 177ms
72ms Image
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/a.png
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash: d090a4047a92954a06c1d411213d273696225e8eb2de9e795a04bdec68ced05a

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found inflowcomponent
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 74ms
74ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/inflowcomponent
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found signin-render-0AQ-_c2b.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 70ms
70ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/signin-render-0AQ-_c2b.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found 10341xh50yz21mhhydueu4m5wad.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 74ms
73ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/10341xh50yz21mhhydueu4m5wad.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found rtnk124fje5djlxjjxeqb5vbdms.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 74ms
74ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/rtnk124fje5djlxjjxeqb5vbdms.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found makeebayfasterscript-src-scripts-body-78a2168a.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 75ms
74ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/makeebayfasterscript-src-scripts-body-78a2168a.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found 9.gif
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 707 B
707 B 72ms
72ms Image
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/9.gif
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash: d090a4047a92954a06c1d411213d273696225e8eb2de9e795a04bdec68ced05a

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 404
Not Found globalheader_widget_platform__v2-65ca700c30b--ie11.js
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ 0
0 70ms
70ms Script
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/globalheader_widget_platform__v2-65ca700c30b--ie11.js
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
DATA 200
OK truncated Show response
/ 0
0 Script
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET efb.js
c.paypal.com/da/r/ Frame 1669 0
0

GET
H/1.1 404
Not Found a.png
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/ 707 B
707 B 74ms
74ms Image
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/a.png
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash: d090a4047a92954a06c1d411213d273696225e8eb2de9e795a04bdec68ced05a

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:18 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 707
Content-Type: text/html

GET
H/1.1 200
OK rtm Show response
srv.de.ebayrtm.com/ Frame 7E5B 56 B
399 B 548ms
181ms Script
application/x-javascript 209.140.129.54
EBAY

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.de.ebayrtm.com/rtm?RtmGetCapJs&p=18&rqid=816ef2b01720aa660b25f8faffffffff&cb=parent.window.updateRtmField
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.140.129.54 , United States, ASN11643 (EBAY, US),
Reverse DNS
Software: ebay-proxy-server /
Resource Hash: efd2bd5237dc50a234f9f80e4167135da2f1cc535974c1cd8d55d7055b9f864c

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 13:35:18 GMT
x-envoy-upstream-service-time: 1
rlogid: t6ndbulkgb%7Bq%3C%3Dqkijbathmdc%7Fw%28de%3Bnl*w%60ut3550-17609ea4ee4-0x2337
server: ebay-proxy-server
down-rlogids: MadronaExt-To-MadronaExt=empty;
content-length: 56
content-type: application/x-javascript;charset=UTF-8

GET
H/1.1 404
Not Found t_n.htm Show response
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/ Frame 849A 707 B
930 B 72ms
71ms Document
text/html 109.232.216.219
AEROTEK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/Einloggensoder-neu-anmelden-eBay_files/t_n.htm
Requested by: Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Protocol: HTTP/1.1
Server: 109.232.216.219 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR),
Reverse DNS: srvc219.trwww.com
Software: /
Resource Hash: d090a4047a92954a06c1d411213d273696225e8eb2de9e795a04bdec68ced05a

Request headers

Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php

Response headers

Connection: Keep-Alive
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 707
Date: Fri, 27 Nov 2020 13:35:18 GMT

GET
H2 200 script.js Show response
adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/ 147 KB
55 KB 127ms
44ms Script
application/javascript 13.224.93.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Requested by

Host: signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.112 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-112.zrh50.r.cloudfront.net

Software

Resource Hash

68fbd12d8185c9a5c91c1c45969143006741882d43e40ef0f76e4a292b2c5bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 03:55:32 GMT
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 03:55:32 GMT
age: 7637987
vary: Accept-Encoding
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=300
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 4cnuQs88uwoL_gQwUew0SRwT50nSKUOxuicQyAXJsnx84DYuZONT0Q==
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
expires: Mon, 31 Aug 2020 04:00:32 GMT

GET
BLOB 200
OK 2cd4299c-3535-4ba4-a63a-39caa713ddce
http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/ 3 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/2cd4299c-3535-4ba4-a63a-39caa713ddce
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc0e53a53a7f1a3717a228192f7b0215b0b1c383331551387c73e81f68de8e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 2584
Content-Type: application/javascript

GET
BLOB 200
OK 1ac108e1-62b5-422f-9d04-3688bdfe7e4d
http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/ 11 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/1ac108e1-62b5-422f-9d04-3688bdfe7e4d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 638b922afaf698954d85e00518fec3d3907c8fb405bfe6f4978ea49b24d9ffce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 11399
Content-Type: application/javascript

GET
H2

200

78b70b9f35492e2d6b77e31c18a702b9a2e79c0a26da1233b1e3340ebb91c21cac7f4bce65135fe3d8f140d6a073 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/78b70b9f35492e2d6b77e31c18a702b9a2e79c0a26da1233b1e3340ebb91c21cac7f4bce65135fe3d8f140d6a073

0
285 B

144ms
144ms

XHR
text/plain

13.224.93.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/78b70b9f35492e2d6b77e31c18a702b9a2e79c0a26da1233b1e3340ebb91c21cac7f4bce65135fe3d8f140d6a073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.93.119 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-93-119.zrh50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 27 Nov 2020 13:35:19 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
access-control-allow-origin: *
timing-allow-origin: *
x-amz-cf-id: fnLx2thFLMVKIKR1GpH_t_D-HlbfOOkUEyXCGVxc84xyY4VWbnR6yw==

Redirect headers

date: Fri, 27 Nov 2020 13:35:19 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/78b70b9f35492e2d6b77e31c18a702b9a2e79c0a26da1233b1e3340ebb91c21cac7f4bce65135fe3d8f140d6a073
timing-allow-origin: *
access-control-allow-origin: *
x-amz-cf-id: j88C8oVXW4xPlwqvOTE_zI2k7FVuGBpr5W3r133y2wx34QpYACHREw==

POST
H/1.1 200
OK prop.json
68a4932ffca64946bd218bdf95ea4e08-adf0901f1861.cdn.forter.com/ 2 B
679 B 330ms
106ms Other
application/json 52.5.0.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://68a4932ffca64946bd218bdf95ea4e08-adf0901f1861.cdn.forter.com/prop.json
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.5.0.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-0-90.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 27 Nov 2020 13:35:19 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Fri, 27 Nov 2020 12:04:51 GMT
Server: Apache
ETag: "2-5b51577c65b65"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 events
cdn3.forter.com/ 0
280 B 334ms
109ms Other
text/plain 54.174.77.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.174.77.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-77-43.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 13:35:19 GMT
vary: Origin
access-control-allow-origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

POST
H2 200 events
cdn3.forter.com/ 0
279 B 335ms
122ms Other
text/plain 54.174.77.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.174.77.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-77-43.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 13:35:19 GMT
vary: Origin
access-control-allow-origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/ 20 B
415 B 471ms
246ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/prop.json?_=1606484120157
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:20 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/ 20 B
415 B 110ms
109ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/prop.json?_=1606484120634
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:20 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/ 20 B
415 B 110ms
109ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/prop.json?_=1606484120881
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:20 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/ 20 B
472 B 109ms
109ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/wpt.json
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 27 Nov 2020 13:35:21 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/ Frame 0
0 109ms
108ms Other 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/68a4932ffca64946bd218bdf95ea4e08/wpt.json
Protocol: HTTP/1.1
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Fri, 27 Nov 2020 13:35:21 GMT
Connection: keep-alive

POST
H2 200 events
cdn3.forter.com/ 0
279 B 121ms
121ms Other
text/plain 54.174.77.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.174.77.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-77-43.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 27 Nov 2020 13:35:27 GMT
vary: Origin
access-control-allow-origin: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.paypal.com
URL: https://c.paypal.com/da/r/efb.js

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr/4c1f00cd117e0f1e8e42a646ccb9ffcc.php(Line 359) Message: TypeError: window.TaaSTrackingCore is not a constructor

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

68a4932ffca64946bd218bdf95ea4e08-adf0901f1861.cdn.forter.com
adf0901f1861.cdn4.forter.com
c.paypal.com
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr
srv.de.ebayrtm.com
c.paypal.com
109.232.216.219
13.224.93.112
13.224.93.119
18.213.255.128
209.140.129.54
52.5.0.90
54.174.77.43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
638b922afaf698954d85e00518fec3d3907c8fb405bfe6f4978ea49b24d9ffce
68fbd12d8185c9a5c91c1c45969143006741882d43e40ef0f76e4a292b2c5bea
7aaca7efdc0fc3fa23c25458ff2c8d784bb244daeb54bb238efcd5f7bacbed21
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
d090a4047a92954a06c1d411213d273696225e8eb2de9e795a04bdec68ced05a
ddc0e53a53a7f1a3717a228192f7b0215b0b1c383331551387c73e81f68de8e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efd2bd5237dc50a234f9f80e4167135da2f1cc535974c1cd8d55d7055b9f864c

signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr Open in urlscan Pro 109.232.216.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

39 %HTTPS

0 %IPv6

4 Domains

8 Subdomains

8 IPs

2 Countries

131 kBTransfer

377 kBSize

0 Cookies

6 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

signinebayaccesisslverizonhttprogerebyhttpvizitors.performansgrup.com.tr Open in urlscan Pro
109.232.216.219 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

39 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

8
IPs

2
Countries

131 kB
Transfer

377 kB
Size

0
Cookies

31 HTTP transactions
1 data transactions