odeme.nefesbinayonetimi.com Open in urlscan Pro
159.253.45.112  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response odeme.nefesbinayonetimi.com/	468 B 395 B	578ms 201ms	Document text/html	159.253.45.112 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://odeme.nefesbinayonetimi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.45.112 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS Software nginx / PleskLin Resource Hash fdbadcef81d3f7650904705ad6d2cc750e0740f3c4c82c47b827d4c95347c19b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html date Mon, 03 Jul 2023 14:22:49 GMT etag W/"1d4-5ff7da09a1280" last-modified Sun, 02 Jul 2023 09:25:14 GMT server nginx x-accel-version 0.01 x-powered-by PleskLin
GET H2	200	index-fd8f9891.js Show response odeme.nefesbinayonetimi.com/assets/	6 MB 1 MB	301ms 300ms	Script application/javascript	159.253.45.112 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://odeme.nefesbinayonetimi.com/assets/index-fd8f9891.js Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.45.112 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS Software nginx / PleskLin Resource Hash c5abfad09de45057d64d9272146cda7a175bce18eab0acc86b4fea99df483f5a Request headers Referer https://odeme.nefesbinayonetimi.com/ Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:49 GMT content-encoding br last-modified Sun, 02 Jul 2023 09:25:14 GMT server nginx etag W/"64a1427a-587c63" x-powered-by PleskLin content-type application/javascript
GET H2	200	index-5f6faece.css odeme.nefesbinayonetimi.com/assets/	394 KB 50 KB	374ms 374ms	Stylesheet text/css	159.253.45.112 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://odeme.nefesbinayonetimi.com/assets/index-5f6faece.css Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.45.112 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS Software nginx / PleskLin Resource Hash 5f6faece6f19b0349d21c65fb6d3184a066aed6ef8d9be955fc49ca966ae4007 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:49 GMT content-encoding br last-modified Sun, 02 Jul 2023 09:25:13 GMT server nginx etag W/"64a14279-62788" x-powered-by PleskLin content-type text/css
GET H2	200	css2 fonts.googleapis.com/	23 KB 2 KB	298ms 32ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=DM+Serif+Display&family=IBM+Plex+Sans:wght@300;400;500;600&family=JetBrains+Mono:wght@200;400;500&family=Lexend+Deca:wght@300;400;500;600;700;800&display=swap Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-5f6faece.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5897a244a43f6829532e1c0c35400318cfdc11f9a19aa672205da55972f62660 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 03 Jul 2023 14:22:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 03 Jul 2023 14:22:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 03 Jul 2023 14:22:50 GMT
GET H2	200	client Show response accounts.google.com/gsi/	193 KB 76 KB	183ms 126ms	Script application/javascript	2a00:1450:4001:806::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-fd8f9891.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 62b93b592da7af69e38c75d82b2ecc3052308ebe87aaff6054ae05ebf1d98d0f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-CLVl0VAo1msdDf168DjPqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:51 GMT content-security-policy script-src 'report-sample' 'nonce-CLVl0VAo1msdDf168DjPqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Mon, 03 Jul 2023 14:22:51 GMT
GET H2	200	auth-64f87d47.js Show response odeme.nefesbinayonetimi.com/assets/	2 KB 1 KB	98ms 97ms	Script application/javascript	159.253.45.112 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://odeme.nefesbinayonetimi.com/assets/auth-64f87d47.js Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-fd8f9891.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.45.112 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS Software nginx / PleskLin Resource Hash 8dbad5d0eb41c36aefecf8bd0faac5bec1ce1d539e6ee5a1016725dcd63ffe94 Request headers Referer https://odeme.nefesbinayonetimi.com/ Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:51 GMT content-encoding br last-modified Sun, 02 Jul 2023 09:25:14 GMT server nginx etag W/"64a1427a-9b3" x-powered-by PleskLin content-type application/javascript
GET H2	200	index-73331426.js Show response odeme.nefesbinayonetimi.com/assets/	3 KB 2 KB	99ms 98ms	Script application/javascript	159.253.45.112 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://odeme.nefesbinayonetimi.com/assets/index-73331426.js Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-fd8f9891.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.45.112 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS Software nginx / PleskLin Resource Hash 13621c464c331f6c452c794261963686eb609ddeb31e7a006813386e761ce97d Request headers Referer Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:51 GMT content-encoding br last-modified Sun, 02 Jul 2023 09:25:14 GMT server nginx etag W/"64a1427a-d11" x-powered-by PleskLin content-type application/javascript
GET H2	200	route-block-83d24a4e.js Show response odeme.nefesbinayonetimi.com/assets/	27 B 206 B	100ms 99ms	Script application/javascript	159.253.45.112 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://odeme.nefesbinayonetimi.com/assets/route-block-83d24a4e.js Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-fd8f9891.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.253.45.112 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS Software nginx / PleskLin Resource Hash f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625 Request headers Referer Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:51 GMT content-encoding br last-modified Sun, 02 Jul 2023 09:25:14 GMT x-accel-version 0.01 server nginx etag W/"1b-5ff7da09a1280" x-powered-by PleskLin content-type application/javascript
POST H/1.1	200 OK	info Show response individual.aidatim.com/auth/	463 B 874 B	359ms 81ms	XHR application/json	185.83.144.66 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Full URL https://individual.aidatim.com/auth/info Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-fd8f9891.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.83.144.66 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS mail.mudu.com.tr Software Apache / PHP/7.4.33, PleskLin Resource Hash 5042d6fae99a12fa9eeec112a5b5139d550f890d28ae1ca946d4d37afdaf2961 Request headers Accept application/json, text/plain, */* Referer https://odeme.nefesbinayonetimi.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 14:22:51 GMT Server Apache X-Powered-By PHP/7.4.33, PleskLin Transfer-Encoding chunked Access-Control-Allow-Methods POST,GET,DELETE,PUT,PATCH Content-Type application/json Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100 Access-Control-Allow-Headers Content-Type, Authorization,subscription
GET H2	200	loginbg.jpg cdn.aidatim.dev/drive/apps/	283 KB 283 KB	328ms 144ms	Image image/jpeg	185.83.144.78 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.aidatim.dev/drive/apps/loginbg.jpg Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/assets/index-5f6faece.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.83.144.78 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS static-144-78.corelux.net Software nginx / PleskLin Resource Hash 61114e1b29e6aeeed5c079cf7b480160bace65e6614029bad2478140c17b38ba Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:15:07 GMT last-modified Fri, 05 May 2023 20:17:56 GMT server nginx etag "64556474-46ba8" x-powered-by PleskLin content-type image/jpeg accept-ranges bytes content-length 289704
GET H2	200	K2F1fZFYk-dHSE0UPPuwQ5qpJy_KZA.woff2 fonts.gstatic.com/s/lexenddeca/v21/	29 KB 30 KB	124ms 47ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lexenddeca/v21/K2F1fZFYk-dHSE0UPPuwQ5qpJy_KZA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display&family=IBM+Plex+Sans:wght@300;400;500;600&family=JetBrains+Mono:wght@200;400;500&family=Lexend+Deca:wght@300;400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 38f59e41e6a25be803fe6366ce69472dd821da6307c6666fad5f48060e8529ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 11:51:09 GMT x-content-type-options nosniff age 181902 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30120 x-xss-protection 0 last-modified Mon, 20 Mar 2023 21:23:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 11:51:09 GMT
GET H2	200	K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2 fonts.gstatic.com/s/lexenddeca/v21/	35 KB 36 KB	98ms 22ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lexenddeca/v21/K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display&family=IBM+Plex+Sans:wght@300;400;500;600&family=JetBrains+Mono:wght@200;400;500&family=Lexend+Deca:wght@300;400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f6d622a8af1497a7fbacb9a692250314000820e051e06082b40c7f44c24e152 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 20:41:43 GMT x-content-type-options nosniff age 495668 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36232 x-xss-protection 0 last-modified Mon, 20 Mar 2023 21:42:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Jun 2024 20:41:43 GMT
GET H/1.1	200 OK	logo.svg cdn.mudu.pro/Design/	10 KB 10 KB	330ms 77ms	Image image/svg+xml	185.83.144.66 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mudu.pro/Design/logo.svg Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/auth Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.83.144.66 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS mail.mudu.com.tr Software Apache / PleskLin Resource Hash cb7ec0862888c460b40de1932132a13112d810690d71d127253f60faa7a4b6a5 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 14:22:51 GMT Last-Modified Thu, 04 May 2023 15:19:09 GMT Server Apache ETag "285c-5fadfb1b6ac8a" X-Powered-By PleskLin Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10332
GET H2	200	cc-logo.png cdn.aidatim.com/logo/	26 KB 27 KB	324ms 146ms	Image image/png	185.83.144.98 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.aidatim.com/logo/cc-logo.png Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/auth Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.83.144.98 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS static-144-98.corelux.net Software nginx / PleskLin Resource Hash 38971d986ec8c8b9f83355353bf1b04404b72c598ba4176e97f9bc38583cd5a0 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:15:07 GMT last-modified Wed, 04 Jan 2023 19:40:32 GMT server nginx etag "63b5d630-69c2" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 27074
GET H2	200	style accounts.google.com/gsi/	533 B 585 B	70ms 69ms	Stylesheet text/css	2a00:1450:4001:806::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/style Requested by Host: accounts.google.com URL: https://accounts.google.com/gsi/client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-7xnaPwQan4Czwp6jx1fuHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:22:51 GMT content-security-policy script-src 'report-sample' 'nonce-7xnaPwQan4Czwp6jx1fuHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type text/css; charset=utf-8 cache-control private, max-age=86400 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Mon, 03 Jul 2023 14:22:51 GMT
GET H2	403	button Show response accounts.google.com/gsi/ Frame BF50	1 KB 1 KB	237ms 227ms	Document text/html	2a00:1450:4001:806::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/button?type=icon&theme=filled_black&size=medium&client_id=601125008259-qi56525pqcojp1ktfiihagnvjtvbpadm.apps.googleusercontent.com&iframe_id=gsi_171622_926487&as=RrykUSj1YFvAZmao1gLl4Q Requested by Host: accounts.google.com URL: https://accounts.google.com/gsi/client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 39d85db65c509d8135d091ac930b08a688e546e8202fba66c2c15ec3e559bcee Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mZA446Cxdj6ldwjXaoml2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://odeme.nefesbinayonetimi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-mZA446Cxdj6ldwjXaoml2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" cross-origin-resource-policy cross-origin date Mon, 03 Jul 2023 14:22:51 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	m=credential_button_library ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.SmVeKl_K980.L.W.O/am=0g/d=1/rs=AF0KOtWSE_wYgjIwugL2hQCuIXn3N9XR8g/ Frame BF50	7 KB 2 KB	82ms 23ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.SmVeKl_K980.L.W.O/am=0g/d=1/rs=AF0KOtWSE_wYgjIwugL2hQCuIXn3N9XR8g/m=credential_button_library Requested by Host: accounts.google.com URL: https://accounts.google.com/gsi/button?type=icon&theme=filled_black&size=medium&client_id=601125008259-qi56525pqcojp1ktfiihagnvjtvbpadm.apps.googleusercontent.com&iframe_id=gsi_171622_926487&as=RrykUSj1YFvAZmao1gLl4Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng content-encoding gzip x-content-type-options nosniff date Tue, 27 Jun 2023 23:51:16 GMT age 484295 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1753 x-xss-protection 0 last-modified Mon, 12 Jun 2023 21:16:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="csi-web-eng" vary Accept-Encoding report-to {"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 23:51:16 GMT
GET H2	200	m=credential_button_library Show response ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.EafsFLytja4.O/am=0g/d=1/rs=AF0KOtXnjeCyOGfaM1oVHn8OOYtk8qF98A/ Frame BF50	99 KB 36 KB	83ms 24ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.EafsFLytja4.O/am=0g/d=1/rs=AF0KOtXnjeCyOGfaM1oVHn8OOYtk8qF98A/m=credential_button_library Requested by Host: accounts.google.com URL: https://accounts.google.com/gsi/button?type=icon&theme=filled_black&size=medium&client_id=601125008259-qi56525pqcojp1ktfiihagnvjtvbpadm.apps.googleusercontent.com&iframe_id=gsi_171622_926487&as=RrykUSj1YFvAZmao1gLl4Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc81c0758eb90ce800489b56d4cf7262a153af641a917a87a13ba59daab604de Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng content-encoding gzip x-content-type-options nosniff date Tue, 27 Jun 2023 03:29:58 GMT age 557573 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36852 x-xss-protection 0 last-modified Sat, 24 Jun 2023 01:16:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="csi-web-eng" vary Accept-Encoding report-to {"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]} content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 03:29:58 GMT
GET H2	200	zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 fonts.gstatic.com/s/ibmplexsans/v19/	19 KB 19 KB	26ms 21ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display&family=IBM+Plex+Sans:wght@300;400;500;600&family=JetBrains+Mono:wght@200;400;500&family=Lexend+Deca:wght@300;400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 13:31:55 GMT x-content-type-options nosniff age 175856 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19156 x-xss-protection 0 last-modified Tue, 02 May 2023 16:04:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 13:31:55 GMT
GET H2	200	zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2 fonts.gstatic.com/s/ibmplexsans/v19/	15 KB 15 KB	27ms 26ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=DM+Serif+Display&family=IBM+Plex+Sans:wght@300;400;500;600&family=JetBrains+Mono:wght@200;400;500&family=Lexend+Deca:wght@300;400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a4ad5a9fd17ad03f878c0f1b126f460c4f409f29c633d5fc7c20276a7060914 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://odeme.nefesbinayonetimi.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 06:26:14 GMT x-content-type-options nosniff age 201397 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15724 x-xss-protection 0 last-modified Tue, 02 May 2023 16:04:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 06:26:14 GMT
GET H2	200	cadfe2f8-d66c-45dc-a5c8-4447ba40c36a.png cdn.aidatim.dev/drive/app/11/	28 KB 28 KB	198ms 196ms	Image image/png	185.83.144.78 NETINTERNET Netin...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.aidatim.dev/drive/app/11/cadfe2f8-d66c-45dc-a5c8-4447ba40c36a.png Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/auth Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.83.144.78 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR), Reverse DNS static-144-78.corelux.net Software nginx / PleskLin Resource Hash 67e297327dd45433955e55a9a4786548ff446079469d69410eb27879b200b2e2 Request headers accept-language de-DE,de;q=0.9 Referer https://odeme.nefesbinayonetimi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:15:07 GMT last-modified Tue, 27 Jun 2023 03:48:31 GMT server nginx etag "649a5c0f-6eb4" x-powered-by PleskLin content-type image/png accept-ranges bytes content-length 28340
POST H2	204	identity-sign-in-google-http csp.withgoogle.com/csp/ Frame BF50	0 0	87ms 32ms	Other text/html	2a00:1450:4001:831::2011 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csp.withgoogle.com/csp/identity-sign-in-google-http Requested by Host: odeme.nefesbinayonetimi.com URL: https://odeme.nefesbinayonetimi.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/csp-report Response headers

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| __VUE_INSTANCE_SETTERS__ object| __vueuse_ssr_handlers__ boolean| __VUE__ object| default_gsi object| google object| closure_lm_555133 object| __G_ID_CLIENT__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/gsi/button?type=icon&theme=filled_black&size=medium&client_id=601125008259-qi56525pqcojp1ktfiihagnvjtvbpadm.apps.googleusercontent.com&iframe_id=gsi_171622_926487&as=RrykUSj1YFvAZmao1gLl4Q Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.aidatim.com
cdn.aidatim.dev
cdn.mudu.pro
csp.withgoogle.com
fonts.googleapis.com
fonts.gstatic.com
individual.aidatim.com
odeme.nefesbinayonetimi.com
ssl.gstatic.com
159.253.45.112
185.83.144.66
185.83.144.78
185.83.144.98
2a00:1450:4001:802::2003
2a00:1450:4001:806::200d
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:831::2011
13621c464c331f6c452c794261963686eb609ddeb31e7a006813386e761ce97d
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
38971d986ec8c8b9f83355353bf1b04404b72c598ba4176e97f9bc38583cd5a0
38f59e41e6a25be803fe6366ce69472dd821da6307c6666fad5f48060e8529ef
39d85db65c509d8135d091ac930b08a688e546e8202fba66c2c15ec3e559bcee
3f6d622a8af1497a7fbacb9a692250314000820e051e06082b40c7f44c24e152
5042d6fae99a12fa9eeec112a5b5139d550f890d28ae1ca946d4d37afdaf2961
5897a244a43f6829532e1c0c35400318cfdc11f9a19aa672205da55972f62660
5f6faece6f19b0349d21c65fb6d3184a066aed6ef8d9be955fc49ca966ae4007
61114e1b29e6aeeed5c079cf7b480160bace65e6614029bad2478140c17b38ba
62b93b592da7af69e38c75d82b2ecc3052308ebe87aaff6054ae05ebf1d98d0f
67e297327dd45433955e55a9a4786548ff446079469d69410eb27879b200b2e2
8dbad5d0eb41c36aefecf8bd0faac5bec1ce1d539e6ee5a1016725dcd63ffe94
9a4ad5a9fd17ad03f878c0f1b126f460c4f409f29c633d5fc7c20276a7060914
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
c5abfad09de45057d64d9272146cda7a175bce18eab0acc86b4fea99df483f5a
cb7ec0862888c460b40de1932132a13112d810690d71d127253f60faa7a4b6a5
cc81c0758eb90ce800489b56d4cf7262a153af641a917a87a13ba59daab604de
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625
fdbadcef81d3f7650904705ad6d2cc750e0740f3c4c82c47b827d4c95347c19b