7ay--firsat---online.shop Open in urlscan Pro
94.156.66.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://7ay--firsat---online.shop/
Effective URL:
https://7ay--firsat---online.shop/
Submission: On July 12 via api (July 12th 2024, 2:52:53 am UTC) from NL — Scanned from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 12 domains to perform 24 HTTP transactions. The main IP is 94.156.66.71, located in Bulgaria and belongs to LIMENET, US. The main domain is 7ay--firsat---online.shop.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time 7ay--firsat---online.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	94.156.66.71 94.156.66.71	394711 (LIMENET) (LIMENET)
1	172.67.71.57 172.67.71.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4694	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
24	7

3 94.156.66.71 (Bulgaria)

ASN394711 (LIMENET, US)

7ay--firsat---online.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4694 (United States)

ASN13335 (CLOUDFLARENET, US)

bundles.efilli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	310 KB
3	7ay--firsat---online.shop 7ay--firsat---online.shop	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	273 B
1	efilli.com bundles.efilli.com — Cisco Umbrella Rank: 108986	37 KB
1	waust.at waust.at — Cisco Umbrella Rank: 35705	4 KB
0	google.nl Failed www.google.nl Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed
0	google.com Failed region1.analytics.google.com Failed
0	pingdom.net Failed rum-static.pingdom.net Failed
0	creativecdn.com Failed tags.creativecdn.com Failed
0	hangikredi.com Failed dist-klasor.hangikredi.com Failed cdn.hangikredi.com Failed isortagim.hangikredi.com Failed
24	12

	Domain	Requested by
3	www.googletagmanager.com	7ay--firsat---online.shop www.googletagmanager.com
3	7ay--firsat---online.shop	7ay--firsat---online.shop
2	connect.facebook.net	7ay--firsat---online.shop connect.facebook.net
1	www.facebook.com	7ay--firsat---online.shop
1	bundles.efilli.com	7ay--firsat---online.shop
1	waust.at	7ay--firsat---online.shop
0	www.google.nl Failed
0	stats.g.doubleclick.net Failed	www.googletagmanager.com
0	region1.analytics.google.com Failed	www.googletagmanager.com
0	rum-static.pingdom.net Failed	www.googletagmanager.com
0	tags.creativecdn.com Failed	7ay--firsat---online.shop
0	isortagim.hangikredi.com Failed	7ay--firsat---online.shop
0	cdn.hangikredi.com Failed	7ay--firsat---online.shop
0	dist-klasor.hangikredi.com Failed	7ay--firsat---online.shop
24	14

This site contains no links.

Subject Issuer	Validity	Valid
7ay--firsat---online.shop R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh
waust.at WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh
efilli.com WE1	`2024-06-28` - `2024-09-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-20` - `2024-07-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://7ay--firsat---online.shop/
Frame ID: 1F318977A478C5B9F6B0B422477627D2
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://7ay--firsat---online.shop/ HTTP 307
https://7ay--firsat---online.shop/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

24
Requests

46 %
HTTPS

67 %
IPv6

12
Domains

14
Subdomains

7
IPs

3
Countries

450 kB
Transfer

1469 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://7ay--firsat---online.shop/ HTTP 307
https://7ay--firsat---online.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=781954915193091&ev=PageView&dl=https%3A%2F%2F7ay--firsat---online.shop%2F&rl=&if=false&ts=1720752747108&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4124&fbp=fb.1.1720752747107.155168142516518820&ler=empty&cdl=API_unavailable&it=1720752746864&coo=false&rqm=FGET HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D781954915193091%26ev%3DPageView%26dl%3Dhttps%253A%252F%252F7ay--firsat---online.shop%252F%26rl%26if%3Dfalse%26ts%3D1720752747108%26sw%3D1600%26sh%3D1200%26v%3D2.9.161%26r%3Dstable%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1720752747107.155168142516518820%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720752746864%26coo%3Dfalse%26rqm%3DFGET

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
7ay--firsat---online.shop/
Redirect Chain

http://7ay--firsat---online.shop/
https://7ay--firsat---online.shop/

112 KB
30 KB

677ms
201ms

Document
text/html

94.156.66.71
LIMENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7ay--firsat---online.shop/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.156.66.71 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software: Apache / PleskLin
Resource Hash: ae92ed26b93b5d22cfc74db4e17d39027b30039e49919df316a665f8dbfa389a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 30183
Content-Type: text/html
Date: Fri, 12 Jul 2024 02:52:22 GMT
ETag: "1bf0f-61bc0b73a8380-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 26 Jun 2024 01:13:02 GMT
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PleskLin

Redirect headers

Location: https://7ay--firsat---online.shop/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 s.js Show response
waust.at/ 8 KB
4 KB 533ms
322ms Script
application/x-javascript 172.67.71.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 02:52:23 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 70
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
server: cloudflare
etag: W/"63c04115-2170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWs33%2BP4tIsA%2Few8VaPCX64OZk1qgyoLFHmHpgbnAHUxbbfa%2FGb%2B17AMebmRvIkEWQW2y9WKgQ9jMy8cLW75gXOwQIQFooHLGY0x%2Fe%2B%2BtODZWcJ8cr8cfq0d"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8a1dbca6cb1f2bb8-FRA
expires: Sat, 13 Jul 2024 02:51:13 GMT

GET
H2 200 hangikredi.com.prod.js Show response
bundles.efilli.com/ 112 KB
37 KB 610ms
215ms Script
application/javascript 2606:4700:20::ac43:4694
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bundles.efilli.com/hangikredi.com.prod.js
Requested by: Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4694 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1e0799d9b462718726f5b01aac1bc7c146ae6bb69e527100cfb7396dbabd9e

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 02:52:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2024 12:41:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 173
etag: W/"668546df-1c1f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kMNCJQKtgqc%2BmN6t6Flmdc5Bynuh4tH6VAHwm%2BQPk%2FhVbw9p6q3ttnm6WPLFUf%2Fpo76LH0cukoBgsdfK5T4jEG657rkoJJU2zeQ8cFKrbERQLBX4tNBlOEYuH59VUppVxN4DBO94CiLuU7bKtaCgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate
cf-ray: 8a1dbca81e6f1cc1-FRA

GET
H/1.1 404
Not Found glide.min.js
7ay--firsat---online.shop/dist/js/thirdparties/ 0
0 195ms
193ms Script
text/html 94.156.66.71
LIMENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7ay--firsat---online.shop/dist/js/thirdparties/glide.min.js
Requested by: Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.156.66.71 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software: Apache / PleskLin
Resource Hash

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 02:52:23 GMT
Last-Modified: Tue, 02 Jul 2024 14:01:05 GMT
Server: Apache
ETag: "328-61c44250ca3fc"
X-Powered-By: PleskLin
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 808

GET index-desktop.min.css
dist-klasor.hangikredi.com/css/credit-card/redirect/ 0
0

GET hk-new-logo.svg
dist-klasor.hangikredi.com/images/ 0
0

GET placeholder.png
dist-klasor.hangikredi.com/images/ 0
0

GET redirect-ok.gif
dist-klasor.hangikredi.com/images/ 0
0

GET akbank-122-34.svg
cdn.hangikredi.com/images/bank/ 0
0

GET modal-close.svg
dist-klasor.hangikredi.com/images/ 0
0

GET
H/1.1 404
Not Found global-info.js
7ay--firsat---online.shop/dist/js/ 0
0 399ms
204ms Script
text/html 94.156.66.71
LIMENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7ay--firsat---online.shop/dist/js/global-info.js
Requested by: Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.156.66.71 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software: Apache / PleskLin
Resource Hash

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 02:52:23 GMT
Last-Modified: Tue, 02 Jul 2024 14:01:05 GMT
Server: Apache
ETag: "328-61c44250ca3fc"
X-Powered-By: PleskLin
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 808

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 443 KB
126 KB 763ms
279ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3KM5Z

Requested by

Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff7636b346b4bf01d509ca87d1b4c7ec014be5fbfbbfbc62a2d6cde49891ccfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 02:52:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128406
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 01:00:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 02:52:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
99 KB 315ms
313ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1QPJPKCB3G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3KM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3daef90b741e4fce7a3df9fddc1428a7d0a902f79c1b818ba72bbf7ed9418a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 02:52:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 02:52:25 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 240 KB
85 KB 237ms
236ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-971537583&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3KM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7464c564df9f583d25b03e7e2e12f2429b891e5ff87c2eb49067f6e91c2c75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 02:52:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87170
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 01:00:20 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 02:52:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 704ms
238ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jul 2024 02:52:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: MODERATE; q=0.3, rtt=189, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: SQ63FkDr4KTdhB+g4K0tMlUPFv26oG8YY95LCYPr1hP7qSKTkVMSYWCU4FhwM7igLEXmznhQMAWvQSUtptdInQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 781954915193091 Show response
connect.facebook.net/signals/config/ 41 KB
9 KB 200ms
200ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/781954915193091?v=2.9.161&r=stable&domain=7ay--firsat---online.shop&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ff0e3cee76a972464744303817baa69b4e4b87c32925785fcf697dcf62927ca5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 12 Jul 2024 02:52:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: MODERATE; q=0.3, rtt=254, rtx=0, c=56, mss=1297, tbw=64176, tp=-1, tpl=-1, uplat=54, ullat=0
pragma: public
x-fb-debug: aGJqnkmvBQvgZsJFNN4SJIisJd2I4njLvNjmGoIer56J15lUdEiLrckHTfRNAvACq8QtcTuFkHrqujNdraWhjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 588ms
209ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=781954915193091&ev=PageView&dl=https%3A%2F%2F7ay--firsat---online.shop%2F&rl=&if=false&ts=1720752747108&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4124&fbp=fb.1.1720752747107.155168142516518820&ler=empty&cdl=API_unavailable&it=1720752746864&coo=false&rqm=GET

Requested by

Host: 7ay--firsat---online.shop
URL: https://7ay--firsat---online.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://7ay--firsat---online.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: MODERATE; q=0.3, rtt=181, rtx=0, c=10, mss=1297, tbw=2836, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 12 Jul 2024 02:52:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET

/
www.facebook.com/login/
Redirect Chain

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=781954915193091&ev=PageView&dl=https%3A%2F%2F7ay--firsat---online.shop%2F&rl=&if=false&ts=1720752747108&sw=1600&sh=1200&v=2.9.161...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D781954915193091%26ev%3DPageView%26dl%3Dhttps%253A%252F%252F7ay--firsat--...

0
0

GET hangipixel.js
isortagim.hangikredi.com/content/ 0
0

GET wzq0zSCQVti7ckin0WUs.js
tags.creativecdn.com/ 0
0

GET pa-659f8bcadaab420012000558.js
rum-static.pingdom.net/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET ga-audiences
www.google.nl/ads/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dist-klasor.hangikredi.com
URL: https://dist-klasor.hangikredi.com/css/credit-card/redirect/index-desktop.min.css?v=78

Domain: dist-klasor.hangikredi.com
URL: https://dist-klasor.hangikredi.com/images/hk-new-logo.svg?v=78

Domain: dist-klasor.hangikredi.com
URL: https://dist-klasor.hangikredi.com/images/placeholder.png?v=78

Domain: dist-klasor.hangikredi.com
URL: https://dist-klasor.hangikredi.com/images/redirect-ok.gif?v=78

Domain: cdn.hangikredi.com
URL: https://cdn.hangikredi.com/images/bank/akbank-122-34.svg

Domain: dist-klasor.hangikredi.com
URL: https://dist-klasor.hangikredi.com/images/modal-close.svg?v=78

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D781954915193091%26ev%3DPageView%26dl%3Dhttps%253A%252F%252F7ay--firsat---online.shop%252F%26rl%26if%3Dfalse%26ts%3D1720752747108%26sw%3D1600%26sh%3D1200%26v%3D2.9.161%26r%3Dstable%26ec%3D0%26o%3D4124%26fbp%3Dfb.1.1720752747107.155168142516518820%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1720752746864%26coo%3Dfalse%26rqm%3DFGET

Domain: isortagim.hangikredi.com
URL: https://isortagim.hangikredi.com/content/hangipixel.js?t=v116564608000001720828800000

Domain: tags.creativecdn.com
URL: https://tags.creativecdn.com/wzq0zSCQVti7ckin0WUs.js

Domain: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-659f8bcadaab420012000558.js

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1QPJPKCB3G&gtm=45je4790v9126711584z86989590za200zb6989590&_p=1720752743919&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=498255874.1720752773&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2F7ay--firsat---online.shop%2F&dt=Akbank%20Axess%20Kredi%20Kart%C4%B1%20Ba%C5%9Fvuru%20Y%C3%B6nlendirmesi&sid=1720752773&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.time_stamp=2024-07-12T04%3A52%3A53.273%2B02%3A00&ep.cd_useragent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ep.cd_sessionId=806d5abe-7989-4af2-8907-8a9f7e6a58fc&up.=&tfd=30970&_z=fetch

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1QPJPKCB3G&cid=498255874.1720752773&gtm=45je4790v9126711584z86989590za200zb6989590&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0

Domain: www.google.nl
URL: https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1QPJPKCB3G&cid=498255874.1720752773&gtm=45je4790v9126711584z86989590za200zb6989590&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=627898295

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.7ay--firsat---online.shop/	1970-01-21 00:08:48	Name: _gcl_au Value: 1.1.269000345.1720752746
			.7ay--firsat---online.shop/	1970-01-21 00:08:48	Name: _fbp Value: fb.1.1720752747107.155168142516518820

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://7ay--firsat---online.shop/dist/js/thirdparties/glide.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://7ay--firsat---online.shop/dist/js/global-info.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ay--firsat---online.shop
bundles.efilli.com
cdn.hangikredi.com
connect.facebook.net
dist-klasor.hangikredi.com
isortagim.hangikredi.com
region1.analytics.google.com
rum-static.pingdom.net
stats.g.doubleclick.net
tags.creativecdn.com
waust.at
www.facebook.com
www.google.nl
www.googletagmanager.com
cdn.hangikredi.com
dist-klasor.hangikredi.com
isortagim.hangikredi.com
region1.analytics.google.com
rum-static.pingdom.net
stats.g.doubleclick.net
tags.creativecdn.com
www.facebook.com
www.google.nl
172.67.71.57
2606:4700:20::ac43:4694
2a00:1450:4001:80b::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
94.156.66.71
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
3daef90b741e4fce7a3df9fddc1428a7d0a902f79c1b818ba72bbf7ed9418a82
ae92ed26b93b5d22cfc74db4e17d39027b30039e49919df316a665f8dbfa389a
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7464c564df9f583d25b03e7e2e12f2429b891e5ff87c2eb49067f6e91c2c75e
ff0e3cee76a972464744303817baa69b4e4b87c32925785fcf697dcf62927ca5
ff1e0799d9b462718726f5b01aac1bc7c146ae6bb69e527100cfb7396dbabd9e
ff7636b346b4bf01d509ca87d1b4c7ec014be5fbfbbfbc62a2d6cde49891ccfe

7ay--firsat---online.shop Open in urlscan Pro 94.156.66.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

46 %HTTPS

67 %IPv6

12 Domains

14 Subdomains

7 IPs

3 Countries

450 kBTransfer

1469 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

7ay--firsat---online.shop Open in urlscan Pro
94.156.66.71 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

46 %
HTTPS

67 %
IPv6

12
Domains

14
Subdomains

7
IPs

3
Countries

450 kB
Transfer

1469 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions