hitglobal.com.tr Open in urlscan Pro
185.111.232.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coredrillrigpartsafrica.com/usp/cavb
Effective URL:
http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5...
Submission: On March 29 via automatic, source phishtank (March 29th 2018, 2:05:37 am UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 7 countries across 13 domains to perform 16 HTTP transactions. The main IP is 185.111.232.21, located in Turkey and belongs to TR-FBS, TR. The main domain is hitglobal.com.tr.

This is the only time hitglobal.com.tr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	41.185.12.80 41.185.12.80	36943 (webafrica) (webafrica)
4	185.111.232.21 185.111.232.21	51557 (TR-FBS) (TR-FBS)
1	52.222.166.250 52.222.166.250	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
1	69.4.231.30 69.4.231.30	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	67.202.94.94 67.202.94.94	32748 (STEADFAST) (STEADFAST - Steadfast)
1	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST - Steadfast)
1	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST - Steadfast)
2 2	37.252.172.39 37.252.172.39	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	54.72.152.28 54.72.152.28	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	34.228.95.180 34.228.95.180	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 3	35.157.92.151 35.157.92.151	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	216.58.214.98 216.58.214.98	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	216.52.1.12 216.52.1.12	30282 (AS-INAPCD...) (AS-INAPCDN-OCY - Internap Network Services Corporation)
1	52.28.202.155 52.28.202.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
16	14

2 41.185.12.80 (South Africa) 1 redirects

ASN36943 (webafrica, ZA)
PTR: win28.wadns.net

coredrillrigpartsafrica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.111.232.21 (Turkey)

ASN51557 (TR-FBS, TR)

hitglobal.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.166.250 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-166-250.fra54.r.cloudfront.net

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (None, )

ASN13213 (UK2NET-AS, GB)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.4.231.30 (Providence, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: no-rdns.ord02.hostingservicesinc.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.26 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.187 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip187.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.181 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip181.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.39 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.152.28 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-152-28.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.228.95.180 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-228-95-180.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.92.151 (Frankfurt, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-92-151.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.214.98 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.1.12 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US)

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.202.155 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-202-155.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	hitglobal.com.tr hitglobal.com.tr	36 KB
3	eyeota.net 2 redirects ps.eyeota.net	765 B
3	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	9 KB
2	exelator.com 2 redirects loadus.exelator.com	2 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	rlcdn.com 1 redirects idsync.rlcdn.com	959 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	amung.us widgets.amung.us whos.amung.us	3 KB
2	coredrillrigpartsafrica.com 1 redirects coredrillrigpartsafrica.com	715 B
1	sharethis.com sync.sharethis.com	420 B
1	cpx.to s.cpx.to	499 B
1	dtscout.com t.dtscout.com	6 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com	21 KB
16	13

	Domain	Requested by
4	hitglobal.com.tr	hitglobal.com.tr
3	ps.eyeota.net	2 redirects hitglobal.com.tr
2	loadus.exelator.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	idsync.rlcdn.com	1 redirects hitglobal.com.tr
2	ib.adnxs.com	2 redirects
2	coredrillrigpartsafrica.com	1 redirects
1	sync.sharethis.com	hitglobal.com.tr
1	s.cpx.to	hitglobal.com.tr
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	hitglobal.com.tr
1	cdn.tynt.com	widgets.amung.us
1	whos.amung.us	widgets.amung.us
1	t.dtscout.com	widgets.amung.us
1	widgets.amung.us	hitglobal.com.tr
1	images-na.ssl-images-amazon.com	hitglobal.com.tr
16	16

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m
Frame ID: FF9BDCF4124391B180574FA6C3760423
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coredrillrigpartsafrica.com/usp/cavb HTTP 301
http://coredrillrigpartsafrica.com/usp/cavb/ Page URL
http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/ Page URL
http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cU... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

14
IPs

7
Countries

77 kB
Transfer

216 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coredrillrigpartsafrica.com/usp/cavb HTTP 301
http://coredrillrigpartsafrica.com/usp/cavb/ Page URL
http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/ Page URL
http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://coredrillrigpartsafrica.com/usp/cavb HTTP 301
http://coredrillrigpartsafrica.com/usp/cavb/

Request Chain 12

http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%253A%252F%252Fhitglobal.com.tr%252Fui%252FwwwAmazonUS%252FsignInAmazonUS%252F%26pid%3D11254%26adnxs_uid%3D%24UID HTTP 302
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253Dhttp%25253A%25252F%25252Fhitglobal.com.tr%25252Fui%25252FwwwAmazonUS%25252FsignInAmazonUS%25252F%2526pid%253D11254%2526adnxs_uid%253D%2524UID HTTP 302
http://s.cpx.to/ca.png?ref=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F&pid=11254&adnxs_uid=5408053440360922486

Request Chain 13

http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlq8SecO5gRwvGTfAg%3D%3D HTTP 302
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlq8SecO5gRwvGTfAg%3D%3D&redirect=1

Request Chain 14

http://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&random=1522289128013 HTTP 302
http://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&random=1522289128013 HTTP 302
http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1 HTTP 302
http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc= HTTP 302
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEN8AIcvwOY1JYcvFcAi9js8&google_cver=1

Request Chain 15

http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlq8SecO5gRwvGTfAg%3D%3D&random=1522289128013 HTTP 302
http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlq8SecO5gRwvGTfAg%3D%3D&random=1522289128013&xl8blockcheck=1 HTTP 302
http://sync.sharethis.com/nlsn?uid=b66b490945967a251118e097d562d525

16 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ coredrillrigpartsafrica.com/usp/cavb/ Redirect Chain http://coredrillrigpartsafrica.com/usp/cavb http://coredrillrigpartsafrica.com/usp/cavb/	101 B 492 B	159ms 158ms	Document text/html	41.185.12.80 webafrica
General Check archive.org Show headers Download Go to Full URL http://coredrillrigpartsafrica.com/usp/cavb/ Protocol HTTP/1.1 Server 41.185.12.80 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS win28.wadns.net Software Microsoft-IIS/6.0 / ASP.NET Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host coredrillrigpartsafrica.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:26 GMT Content-Encoding gzip ETag "808cedd7fadd31:113c9e" Last-Modified Sat, 24 Feb 2018 14:52:13 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/html Accept-Ranges bytes Content-Location http://coredrillrigpartsafrica.com/usp/cavb/index.html Content-Length 120 Redirect headers Location http://coredrillrigpartsafrica.com/usp/cavb/ Date Thu, 29 Mar 2018 02:05:26 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET Content-Length 167 Content-Type text/html
GET H/1.1	200 OK	Cookie set / Show response hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/	204 B 607 B	279ms 184ms	Document text/html	185.111.232.21 TR-FBS
General Check archive.org Show headers Download Go to Full URL http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/ Protocol HTTP/1.1 Server 185.111.232.21 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS Software LiteSpeed / Resource Hash `bf038e0a2b50d8f918e6548561a023cd495f1bc598802df276f846c07cd174d1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hitglobal.com.tr Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://coredrillrigpartsafrica.com/usp/cavb/ Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://coredrillrigpartsafrica.com/usp/cavb/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Mar 2018 02:04:34 GMT Content-Encoding gzip Server LiteSpeed Vary Accept-Encoding Content-Type text/html Cneonction close Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie PHPSESSID=5e7f19af12de5ca147e2d5788646a5fc; path=/ Accept-Ranges bytes Content-Length 197 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	Primary Request Login.php Show response hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/	6 KB 3 KB	110ms 109ms	Document text/html	185.111.232.21 TR-FBS
General Check archive.org Show headers Download Go to Full URL http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/ Protocol HTTP/1.1 Server 185.111.232.21 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS Software LiteSpeed / Resource Hash `b8560a81404cc764bb7b99b88c2276284051b242c5c2206249ed3b8d1706eef1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hitglobal.com.tr Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/ Cookie PHPSESSID=5e7f19af12de5ca147e2d5788646a5fc Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Mar 2018 02:04:34 GMT Content-Encoding gzip Server LiteSpeed Vary Accept-Encoding Content-Type text/html nnCoection close Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Accept-Ranges bytes Content-Length 2396 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	001.css hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/assets/css/	158 KB 31 KB	46ms 46ms	Stylesheet text/css	185.111.232.21 TR-FBS
General Check archive.org Show headers Download Go to Full URL http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/assets/css/001.css Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 185.111.232.21 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS Software LiteSpeed / Resource Hash `8fdf315acd492d219fa5878134b780145d76a8eb73fe2bf32c024ebb4b145380` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hitglobal.com.tr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Cookie PHPSESSID=5e7f19af12de5ca147e2d5788646a5fc Connection keep-alive Cache-Control no-cache Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:02:55 GMT Via (c) isimtescil Last-Modified Sat, 24 Feb 2018 14:51:08 GMT Server LiteSpeed Age 1 ETag "27971-5a917bdc-b20674d8ece803b6;gz" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=604800 ,public Connection Keep-Alive Accept-Ranges bytes Content-Encoding gzip Content-Length 31517 Expires Thu, 05 Apr 2018 02:04:34 GMT
GET H/1.1	200 OK	002.css hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/assets/css/	3 KB 1 KB	85ms 43ms	Stylesheet text/css	185.111.232.21 TR-FBS
General Check archive.org Show headers Download Go to Full URL http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/assets/css/002.css Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 185.111.232.21 , Turkey, ASN51557 (TR-FBS, TR), Reverse DNS Software LiteSpeed / Resource Hash `a7da7cfcd2832e7f2e5b550cd59f875023bc689174b1c6d714d0a1432e646049` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hitglobal.com.tr User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,/;q=0.1 Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Cookie PHPSESSID=5e7f19af12de5ca147e2d5788646a5fc Connection keep-alive Cache-Control no-cache Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:02:55 GMT Via (c) isimtescil Last-Modified Sat, 24 Feb 2018 14:51:08 GMT Server LiteSpeed Age 1 ETag "a58-5a917bdc-40e10641fc8ec890;gz" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=604800 ,public Connection Keep-Alive Accept-Ranges bytes Content-Encoding gzip Content-Length 957 Expires Thu, 05 Apr 2018 02:04:34 GMT
GET S	200	aui_sprite_0029-1x._V1_.png images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/	21 KB 21 KB	29ms 8ms	Image image/png	52.222.166.250 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://images-na.ssl-images-amazon.com/images/G/01/amazonui/sprites/aui_sprite_0029-1x._V1_.png Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol SPDY Server 52.222.166.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-222-166-250.fra54.r.cloudfront.net Software Server / Resource Hash `11b2083cdc7b8f40bb37f550418ab53b58f37716c343a53b37904427dd2d779e` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/assets/css/001.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Wed, 16 Aug 2017 12:09:41 GMT via 1.1 908aa9ee313ac50f6968b1dda0d184c6.cloudfront.net (CloudFront) last-modified Wed, 20 Aug 2014 01:15:04 GMT server Server age 19433191 x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=630720000,public content-length 21662 x-amz-cf-id BLbnouOp7QH86Vxa6eKjRKPgzh2mx40dc41Cekv4DaF9c81PJD3u1w== expires Wed, 18 May 2033 03:33:20 GMT
GET H/1.1	200 OK	small.js Show response widgets.amung.us/	6 KB 3 KB	12ms 6ms	Script application/x-javascript	185.225.208.133 UK2NET-AS
General Check archive.org Show headers Download Go to Full URL http://widgets.amung.us/small.js Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 185.225.208.133 -, , ASN13213 (UK2NET-AS, GB), Reverse DNS Software / Resource Hash `4ce1b2cf7ca8079968036304a82db60fb203089f5264fcfcb6825e64aa46dd19` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:27 GMT Content-Encoding gzip Last-Modified Fri, 09 Mar 2018 16:25:41 GMT ETag W/"5aa2b585-179c" Transfer-Encoding chunked Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=86400, private Connection keep-alive Expires Fri, 30 Mar 2018 02:05:27 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	4 KB 6 KB	188ms 96ms	Script application/javascript	69.4.231.30 SoftLayer Technol...
General Check archive.org Show headers Download Go to Full URL http://t.dtscout.com/i/?l=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2FLogin.php%3Fsslchannel%3Dtrue%26sessionid%3DD1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m&j=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F Requested by Host: widgets.amung.us URL: http://widgets.amung.us/small.js Protocol HTTP/1.1 Server 69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US), Reverse DNS no-rdns.ord02.hostingservicesinc.net Software / Resource Hash `9b04780aae5dbc8eab481e256cde423c8585d2ce5502d70ed2048dad7f805de9` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:28 GMT X-Z I Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache X-ip 148.251.45.254 Connection close Expires Thu, 29 Mar 2018 02:05:27 GMT
GET H/1.1	200 OK	/ Show response whos.amung.us/pingjs/	30 B 233 B	207ms 104ms	Script text/javascript	67.202.94.94 Steadfast
General Check archive.org Show headers Download Go to Full URL http://whos.amung.us/pingjs/?k=x1ulc336b4xc&t=Sign%20In&c=s&y=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F&a=0&d=0.27&v=22&r=156 Requested by Host: widgets.amung.us URL: http://widgets.amung.us/small.js Protocol HTTP/1.1 Server 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS amung.us Software / Resource Hash `e9e46381be104155e8a3933f84480d16c02d379ff0c958262894394cfaad283f` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:27 GMT Content-Encoding gzip Connection close Transfer-Encoding chunked Content-Type text/javascript;charset=UTF-8
GET H/1.1	200 OK	tc.js Show response cdn.tynt.com/	15 KB 7 KB	14ms 8ms	Script application/javascript	104.16.87.26 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://cdn.tynt.com/tc.js Requested by Host: widgets.amung.us URL: http://widgets.amung.us/small.js Protocol HTTP/1.1 Server 104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `89a9bb21f01e36c5282c9a084c2a915150c15289eb34a94e74f87ecd34021d81` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:27 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Tue, 23 Jan 2018 16:30:35 GMT Server cloudflare ETag W/"5a67632b-3ddc" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=259200 Transfer-Encoding chunked Connection keep-alive CF-RAY 402ec58760e22342-FRA Expires Sun, 01 Apr 2018 02:05:27 GMT
GET DATA	200 OK	truncated /	439 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET H/1.1	200 OK	p ic.tynt.com/b/	35 B 626 B	216ms 108ms	Image image/gif	208.100.17.187 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL http://ic.tynt.com/b/p?id=w!x1ulc336b4xc&lm=0&ts=1522289127592&dn=TC&iso=0&r=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F&t=Sign%20In Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 208.100.17.187 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip187.208-100-17.static.steadfastdns.net Software nginx/1.10.3 / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:27 GMT Last-Modified Fri, 16 Apr 2010 15:38:20 GMT Server nginx/1.10.3 ETag "4bc8846c-23" P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" Connection close Accept-Ranges bytes Content-Type image/gif Content-Length 35 Expires "Sat, 26 Jul 1997 05:00:00 GMT"
GET H/1.1	200	v2 Show response de.tynt.com/deb/	971 B 2 KB	238ms 118ms	Script application/javascript	208.100.17.181 Steadfast
General Check archive.org Show headers Download Go to Full URL http://de.tynt.com/deb/v2?id=w!x1ulc336b4xc&dn=TC&cc=1&r=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F Requested by Host: cdn.tynt.com URL: http://cdn.tynt.com/tc.js Protocol HTTP/1.1 Server 208.100.17.181 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip181.208-100-17.static.steadfastdns.net Software / Resource Hash `ca7f32fc532762fca506c7a016be6b21a558275cd3f4189f646287cc22b213b6` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:27 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false Content-Type application/javascript Connection close P3P CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA Content-Length 971 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	ca.png s.cpx.to/ Redirect Chain http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%253A%252F%252Fhitglobal.com.tr%252Fui%252FwwwAmazonUS%252FsignInAmazonUS%252F%26pid%3D11254%26adnxs_uid%3D%24UID http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253Dhttp%25253A%25252F%25252Fhitglobal.com.tr%25252Fui%25252FwwwAmazonUS%25252FsignInAmazonUS%25252F%2526pid%25... http://s.cpx.to/ca.png?ref=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F&pid=11254&adnxs_uid=5408053440360922486	95 B 499 B	52ms 26ms	Image image/png	54.72.152.28 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://s.cpx.to/ca.png?ref=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F&pid=11254&adnxs_uid=5408053440360922486 Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 54.72.152.28 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-72-152-28.eu-west-1.compute.amazonaws.com Software akka-http/2.4.17 / Resource Hash `bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Mar 2018 02:05:28 GMT Server akka-http/2.4.17 P3P CP="NOI DEV ADM" Cache-Control no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Type image/png Content-Length 95 Expires Thu, 29 Mar 2018 02:05:28 GMT Redirect headers Pragma no-cache Date Thu, 29 Mar 2018 02:05:30 GMT X-Proxy-Origin 148.251.45.254; 148.251.45.254; 246.bm-nginx-loadbalancer.mgmt.fra1; .adnxs.com; 37.252.172.24:80 AN-X-Request-Uuid* cae8155e-fd79-4307-b633-69222b92bf64 Server nginx/1.13.4 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location http://s.cpx.to/ca.png?ref=http%3A%2F%2Fhitglobal.com.tr%2Fui%2FwwwAmazonUS%2FsignInAmazonUS%2F&pid=11254&adnxs_uid=5408053440360922486 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	405716.gif idsync.rlcdn.com/ Redirect Chain http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlq8SecO5gRwvGTfAg%3D%3D http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlq8SecO5gRwvGTfAg%3D%3D&redirect=1	43 B 533 B	107ms 106ms	Image image/gif	34.228.95.180 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlq8SecO5gRwvGTfAg%3D%3D&redirect=1 Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 34.228.95.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-228-95-180.compute-1.amazonaws.com Software / Resource Hash `afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control no-cache, no-store Connection keep-alive P3P CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE" Content-Length 43 Content-Type image/gif; charset=ISO-8859-1 Redirect headers Location http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlq8SecO5gRwvGTfAg%3D%3D&redirect=1 Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control no-cache, no-store Connection keep-alive Content-Type image/gif; charset=ISO-8859-1 Content-Length 0 P3P CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain http://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&random=1522289128013 http://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&random=1522289128013 http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1 http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc= http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEN8AIcvwOY1JYcvFcAi9js8&google_cver=1	70 B 171 B	8ms 7ms	Image image/gif	35.157.92.151 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEN8AIcvwOY1JYcvFcAi9js8&google_cver=1 Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 35.157.92.151 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-157-92-151.eu-central-1.compute.amazonaws.com Software / Resource Hash `de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:28 GMT Content-Length 70 Content-Type image/gif Redirect headers Pragma no-cache Date Thu, 29 Mar 2018 02:05:28 GMT Server HTTP server (unknown) P3P policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Location http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEN8AIcvwOY1JYcvFcAi9js8&google_cver=1 Cache-Control no-cache, must-revalidate Content-Type text/html; charset=UTF-8 Content-Length 310 X-XSS-Protection 1; mode=block Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	nlsn sync.sharethis.com/ Redirect Chain http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlq8SecO5gRwvGTfAg%3D%3D&random=1522289128013 http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlq8SecO5gRwvGTfAg%3D%3D&random=1522289128013&xl8blockcheck=1 http://sync.sharethis.com/nlsn?uid=b66b490945967a251118e097d562d525	42 B 420 B	13ms 7ms	Image image/gif	52.28.202.155 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://sync.sharethis.com/nlsn?uid=b66b490945967a251118e097d562d525 Requested by Host: hitglobal.com.tr URL: http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m Protocol HTTP/1.1 Server 52.28.202.155 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-28-202-155.eu-central-1.compute.amazonaws.com Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer http://hitglobal.com.tr/ui/wwwAmazonUS/signInAmazonUS/Login.php?sslchannel=true&sessionid=D1WC2kH1cUfdiorjTPrDAQzC7Hwac5261729kQC4dnG7leJIkZuLF57mEh4roqygt11PnkovZ2LkO08m User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 29 Mar 2018 02:05:28 GMT P3p policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM" Connection keep-alive Stid CvQBClq8SegAAAARQ/8XAw== Content-Length 42 Content-Type image/gif Redirect headers Date Thu, 29 Mar 2018 02:05:28 GMT Server nginx/1.12.2 X-Powered-By Undertow/1 P3P policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Location http://sync.sharethis.com/nlsn?uid=b66b490945967a251118e097d562d525 Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-19 08:22:41	Name: df Value: 1522289128
.bluekai.com/	1970-01-18 19:10:41	Name: bku Value: 4tL99mCJFaGTVV5W
.dtscout.com/	1970-01-18 14:52:55	Name: st Value: 1
.dtscout.com/	1970-01-18 14:52:55	Name: pi Value: 1
.dtscout.com/	1970-01-18 14:51:57	Name: es Value: 1
.dtscout.com/	1970-01-25 20:05:16	Name: l Value: RQTnHlq8SehBY2v2pcVOAg==
.bluekai.com/	1970-01-18 19:10:41	Name: bkdc Value: iad
.dtscout.com/	1970-01-18 14:52:55	Name: ah Value: 1
.dtscout.com/	1970-01-18 14:51:43	Name: ey Value: 1
.dtscout.com/	1970-01-18 14:51:30	Name: m Value: 1
.dtscout.com/	1970-01-18 14:51:57	Name: b Value: 1
hitglobal.com.tr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5e7f19af12de5ca147e2d5788646a5fc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tynt.com
cm.g.doubleclick.net
coredrillrigpartsafrica.com
de.tynt.com
hitglobal.com.tr
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
images-na.ssl-images-amazon.com
loadus.exelator.com
ps.eyeota.net
s.cpx.to
sync.sharethis.com
t.dtscout.com
whos.amung.us
widgets.amung.us
104.16.87.26
185.111.232.21
185.225.208.133
208.100.17.181
208.100.17.187
216.52.1.12
216.58.214.98
34.228.95.180
35.157.92.151
37.252.172.39
41.185.12.80
52.222.166.250
52.28.202.155
54.72.152.28
67.202.94.94
69.4.231.30
11b2083cdc7b8f40bb37f550418ab53b58f37716c343a53b37904427dd2d779e
4ce1b2cf7ca8079968036304a82db60fb203089f5264fcfcb6825e64aa46dd19
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a9bb21f01e36c5282c9a084c2a915150c15289eb34a94e74f87ecd34021d81
8fdf315acd492d219fa5878134b780145d76a8eb73fe2bf32c024ebb4b145380
9b04780aae5dbc8eab481e256cde423c8585d2ce5502d70ed2048dad7f805de9
a7da7cfcd2832e7f2e5b550cd59f875023bc689174b1c6d714d0a1432e646049
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b8560a81404cc764bb7b99b88c2276284051b242c5c2206249ed3b8d1706eef1
bf038e0a2b50d8f918e6548561a023cd495f1bc598802df276f846c07cd174d1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
ca7f32fc532762fca506c7a016be6b21a558275cd3f4189f646287cc22b213b6
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e9e46381be104155e8a3933f84480d16c02d379ff0c958262894394cfaad283f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

hitglobal.com.tr Open in urlscan Pro 185.111.232.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

13 Domains

16 Subdomains

14 IPs

7 Countries

77 kBTransfer

216 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

12 Cookies

Indicators

hitglobal.com.tr Open in urlscan Pro
185.111.232.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

13
Domains

16
Subdomains

14
IPs

7
Countries

77 kB
Transfer

216 kB
Size

12
Cookies

16 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!