masajsalonx.com Open in urlscan Pro
172.67.134.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://masajsalonx.com/akbati/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On May 29 via api (May 29th 2024, 11:20:55 am UTC) from IT — Scanned from IT

Summary HTTP 10 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 10 HTTP transactions. The main IP is 172.67.134.137, located in United States and belongs to CLOUDFLARENET, US. The main domain is masajsalonx.com.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2024. Valid for: 3 months.

This is the only time masajsalonx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.67.134.137 172.67.134.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.25.203 104.21.25.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	3

3 172.67.134.137 (United States)

ASN13335 (CLOUDFLARENET, US)

masajsalonx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
akbati.masajsalonx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.25.203 (None, )

ASN13335 (CLOUDFLARENET, US)

akbati.masajsalonx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	masajsalonx.com masajsalonx.com akbati.masajsalonx.com	15 KB
10	1

	Domain	Requested by
2	akbati.masajsalonx.com	masajsalonx.com
2	masajsalonx.com
10	2

This site contains links to these domains. Also see Links.

Domain
akbati.masajsalonx.com
wordpress.org

Subject Issuer	Validity	Valid
masajsalonx.com GTS CA 1P5	`2024-05-28` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://masajsalonx.com/akbati/
Frame ID: 87BEF9FAFCEABB21B7B2CE7F548DA8B2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sayfa bulunamadı – Akbatı Masaj Salonu

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

10
Requests

40 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

2
Countries

15 kB
Transfer

63 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://akbati.masajsalonx.com/
Title: Akbatı Masaj Salonu

Search URL Search Domain Scan URL

URL: http://akbati.masajsalonx.com/ornek-sayfa
Title: Örnek sayfa

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response masajsalonx.com/akbati/	40 KB 10 KB	517ms 416ms	Document text/html	172.67.134.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://masajsalonx.com/akbati/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.134.137 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc9d0df86a43ec2dff0fef8f4947021f9e35afee25c1be3868d7cdd62f9a8df2` Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 88b618cb6f59698c-CDG content-encoding br content-type text/html; charset=UTF-8 date Wed, 29 May 2024 11:20:44 GMT expires Wed, 11 Jan 1984 05:00:00 GMT link <http://akbati.masajsalonx.com/wp-json/>; rel="https://api.w.org/" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgZa0NfHD5ou%2BdvYdvsGrtiw%2BwYJifC6A%2Fw6xFSAVaXmxckYlTZnf%2FBwend7cjbRbXrhcMToeGRG3U0tRh%2FxZ6v0EymRwRqDLGY54C835LSBW8iEzX%2FZvU3VPifCWw7eG6s%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	style.min.css akbati.masajsalonx.com/wp-includes/blocks/navigation/	16 KB 3 KB	231ms 216ms	Stylesheet text/css	172.67.134.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://akbati.masajsalonx.com/wp-includes/blocks/navigation/style.min.css?ver=6.5.3 Requested by Host: masajsalonx.com URL: https://masajsalonx.com/akbati/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.134.137 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://masajsalonx.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 11:20:44 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 20 Feb 2024 11:16:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QcFCKLg%2Bs4N8WdNZFphvFhV5g2u1jsJIvucg06icgVGTNiG11tnB26ygUJaCFNo4f7cQiTL7Sw6dRH8qLUOmLPDfk%2BCbzjkhznDu7Ix6C6eymYnIR%2F3h5d42luipLpxizKx%2BiDNbPpJw"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 88b618ce987b698c-CDG alt-svc h3=":443"; ma=86400
GET BLOB	200 OK	79023761-eecd-4d4c-9938-599b4ff00c74 https://masajsalonx.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://masajsalonx.com/79023761-eecd-4d4c-9938-599b4ff00c74 Requested by Host: masajsalonx.com URL: https://masajsalonx.com/akbati/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c` Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Length 1185 Content-Type text/javascript
GET H3	200	style.css akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/	6 KB 2 KB	238ms 238ms	Stylesheet text/css	104.21.25.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/style.css?ver=1.7 Requested by Host: masajsalonx.com URL: https://masajsalonx.com/akbati/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.25.203 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d5ff3532392cfc5a59e309b5a18b9d57400fa32fbc0467f871f12bfc1a1f508` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://masajsalonx.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 11:20:44 GMT content-encoding br cf-cache-status MISS last-modified Thu, 28 Mar 2024 08:29:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9wDZwjRruUw2uPYYDzXyvmOwgmHCztGUyOkAj5W0T90waQcz8mKcMuBfIJzSaZzAjiR2qV2J6dWfY0dHU9QF%2FyYTVO%2FpO%2BNHhHDTw7yh0IV9x%2FTXNPnpX%2B9w17uI18BL94FwVYL%2FepM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 88b618cee86559ad-MXP alt-svc h3=":443"; ma=86400
GET		view.min.js akbati.masajsalonx.com/wp-includes/blocks/navigation/	0 0

GET		interactivity.min.js akbati.masajsalonx.com/wp-includes/js/dist/	0 0

GET		SourceSerif4Variable-Roman.ttf.woff2 akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/	0 0

GET		SourceSerif4Variable-Italic.ttf.woff2 akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/	0 0

GET		wp-emoji-release.min.js akbati.masajsalonx.com/wp-includes/js/	0 0

GET H2	404	favicon.ico masajsalonx.com/	315 B 533 B	206ms 205ms	Other text/html	172.67.134.137 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://masajsalonx.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.134.137 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://masajsalonx.com/akbati/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 29 May 2024 11:20:45 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwyBeGwZEjC66TqLKFl6ACvRelvSrv1eODWqqzR1mX0RFjjsWrcGdM9%2FEWZNznHcfddipc6kBvTvTwKchdWfmh2wmgv5XsFlDL0bRrjABXhW4QxuFawS06r3MC%2BGWDFBbz4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 88b618d0a965698c-CDG alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: akbati.masajsalonx.com
URL: https://akbati.masajsalonx.com/wp-includes/blocks/navigation/view.min.js?ver=6.5.3

Domain: akbati.masajsalonx.com
URL: https://akbati.masajsalonx.com/wp-includes/js/dist/interactivity.min.js?ver=6.5.3

Domain: akbati.masajsalonx.com
URL: http://akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Roman.ttf.woff2

Domain: akbati.masajsalonx.com
URL: http://akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Italic.ttf.woff2

Domain: akbati.masajsalonx.com
URL: http://akbati.masajsalonx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://masajsalonx.com/akbati/ Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://masajsalonx.com/akbati/(Line 171) Message: Mixed Content: The page at 'https://masajsalonx.com/akbati/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://akbati.masajsalonx.com/'. This endpoint should be made available over a secure connection.
security	error	URL: https://masajsalonx.com/akbati/ Message: Mixed Content: The page at 'https://masajsalonx.com/akbati/' was loaded over HTTPS, but requested an insecure font 'http://akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Roman.ttf.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://masajsalonx.com/akbati/ Message: Mixed Content: The page at 'https://masajsalonx.com/akbati/' was loaded over HTTPS, but requested an insecure font 'http://akbati.masajsalonx.com/wp-content/themes/twentytwentytwo/assets/fonts/source-serif-pro/SourceSerif4Variable-Italic.ttf.woff2'. This request has been blocked; the content must be served over HTTPS.
javascript	error	URL: https://masajsalonx.com/akbati/ Message: Access to script at 'https://akbati.masajsalonx.com/wp-includes/blocks/navigation/view.min.js?ver=6.5.3' from origin 'https://masajsalonx.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://akbati.masajsalonx.com/wp-includes/blocks/navigation/view.min.js?ver=6.5.3 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://masajsalonx.com/akbati/(Line 13) Message: Mixed Content: The page at 'https://masajsalonx.com/akbati/' was loaded over HTTPS, but requested an insecure script 'http://akbati.masajsalonx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3'. This request has been blocked; the content must be served over HTTPS.
javascript	error	URL: https://masajsalonx.com/akbati/ Message: Access to script at 'https://akbati.masajsalonx.com/wp-includes/js/dist/interactivity.min.js?ver=6.5.3' from origin 'https://masajsalonx.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://akbati.masajsalonx.com/wp-includes/js/dist/interactivity.min.js?ver=6.5.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://masajsalonx.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akbati.masajsalonx.com
masajsalonx.com
akbati.masajsalonx.com
104.21.25.203
172.67.134.137
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5d5ff3532392cfc5a59e309b5a18b9d57400fa32fbc0467f871f12bfc1a1f508
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b
fc9d0df86a43ec2dff0fef8f4947021f9e35afee25c1be3868d7cdd62f9a8df2

masajsalonx.com Open in urlscan Pro 172.67.134.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

40 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

3 IPs

2 Countries

15 kBTransfer

63 kBSize

0 Cookies

3 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

10 Console Messages

Indicators

masajsalonx.com Open in urlscan Pro
172.67.134.137 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

40 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

2
Countries

15 kB
Transfer

63 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions