www.hergunavantaj.com.tr Open in urlscan Pro
2606:4700:3034::ac43:cdf4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hergunavantaj.com.tr/acqba576pt/account
Effective URL:
https://www.hergunavantaj.com.tr/g3gehs2i62/account
Submission: On July 08 via automatic, source openphish (July 8th 2024, 1:31:05 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3034::ac43:cdf4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hergunavantaj.com.tr.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.

This is the only time www.hergunavantaj.com.tr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3034::ac43:cdf4		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 2606:4700:3034::ac43:cdf4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hergunavantaj.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	hergunavantaj.com.tr www.hergunavantaj.com.tr	44 KB
12	1

	Domain	Requested by
12	www.hergunavantaj.com.tr	www.hergunavantaj.com.tr
12	1

This site contains no links.

Subject Issuer	Validity	Valid
hergunavantaj.com.tr WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.hergunavantaj.com.tr/g3gehs2i62/account
Frame ID: E7AA230287EA23A4767DD3FC617AE12F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hesabınızda oturum açın

Page URL History Show full URLs

https://www.hergunavantaj.com.tr/acqba576pt/account Page URL
https://www.hergunavantaj.com.tr/g3gehs2i62/account Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

44 kB
Transfer

115 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.hergunavantaj.com.tr/acqba576pt/account Page URL
https://www.hergunavantaj.com.tr/g3gehs2i62/account Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	account Show response www.hergunavantaj.com.tr/acqba576pt/	102 B 652 B	117ms 64ms	Document text/html	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/acqba576pt/account Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash `cd6ac2edb15e0d729d37253aa6644c09e142ab60426568a1869f6b5ec694b42e` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 89fc4fc4fd8d37c6-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 08 Jul 2024 01:30:53 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIaqFkkWHyzBAOEirhRilFZdQ4t1Gjeh%2Bok%2B6edq%2FWxgHhQAmVTFjHjeJ02L6rQ7urbOzsvzDqdWl6hSTxXSnZnnn0pCPHlXmamHM0rOtvGUgOfQN2nUc5GsicVc9nRHz97lgzs4L05z0GRyA1ON9v0mzxb3Ouo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12
GET H2	200	Primary Request account Show response www.hergunavantaj.com.tr/g3gehs2i62/	4 KB 1 KB	786ms 786ms	Document text/html	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash `3ccc705865bedc1803f3a789a97b0a066b4d5923c6878896ef9b6876bb9dc628` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://www.hergunavantaj.com.tr/acqba576pt/account Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 89fc4fd21d1437c6-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 08 Jul 2024 01:30:56 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tt51XoIYYSAvY4RHbF1ztrW0%2F1sRDyn0Mz7zs%2BXrdyTsen5qYDzLdY2Nb8%2FBIIYmy4CtQFsks3WOHM5A%2F1VWWf5tDp%2FGUAtbc3X2wttBSb4VEcpANpHz3D59Jr5sPUYIALQU4hKMeiQn3P2ce8giYBxJ0ZBZWgA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12
GET H3	200	style.css www.hergunavantaj.com.tr/assets/css/	13 KB 3 KB	44ms 43ms	Stylesheet text/css	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/assets/css/style.css Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f0a762926db3e56e1f02051af602c2fd71f0e8cc633a4b5678613101299d9d2` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 04 Nov 2023 07:59:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1403 etag W/"336e-6094f00fe5c00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=60cNR%2FsK%2B7eBBXwttcvWzfyjIy0DU68VW0tUPdHVzfaF5Bc9wJ%2Bn8yUrDG3i7ytRaumBMqayW6IXcVx%2Fn4cYFUoYTnsnY2A5SMr1LpFjd3Io7r1xcC3hwnSy4ZwXnOVGlcz%2FfxMKw69QD0%2FZgwucnl2vOp3%2FiWY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 89fc4fd70bbe973c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ms_logo.svg www.hergunavantaj.com.tr/assets/img/	4 KB 2 KB	44ms 44ms	Image image/svg+xml	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hergunavantaj.com.tr/assets/img/ms_logo.svg Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Fri, 16 Dec 2022 06:01:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1403 etag W/"e43-5efebb1a09f00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gws3pxKBCvLvOLCMfbWLh%2Br%2BVWKkYy1ngfLkzzIUlNihhy5gOqWC68TZznBsEa%2BkNNOXjxEqYx3kK3xdw%2FoKtTw%2FxWutpFj8MTpDcaq6tw%2FjBaSAJndaJARkDo1whqSKQJOzP8ta%2FVE0IXrLd25ADkM5RAWTKXA%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 89fc4fd70bc0973c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	question_mark.svg www.hergunavantaj.com.tr/assets/img/	2 KB 1 KB	45ms 44ms	Image image/svg+xml	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hergunavantaj.com.tr/assets/img/question_mark.svg Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Fri, 16 Dec 2022 06:01:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1403 etag W/"613-5efebb4f71d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAyAn%2BJk9SlSX96qfV7lc8lQEkYVoxFfkrCVA5PGag9kOognaQQ9O544EXGwnQ2vzrG%2BQn%2B8awkNLNpLcbpmHZ2eprH8woutZtP3zQcayqOy20Bb5soLqr5vgrGvU8aGj3C4Qj2UQzMYkr6wxHiEndh1DwjdqUQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 89fc4fd70bc5973c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	option.svg www.hergunavantaj.com.tr/assets/img/	2 KB 1 KB	38ms 37ms	Image image/svg+xml	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hergunavantaj.com.tr/assets/img/option.svg Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Fri, 16 Dec 2022 06:02:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1403 etag W/"638-5efebb609c580" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkywn1ZWaeZOU7vFiqeWxOkL%2Bm1q7YJqScVGMJEyRpgsEmfdMMaM9zofvL1IjKCf%2BdhE3Q5UXMo1OywRd0sthf9UZeHpcrzwapf4QbReNwAwGiCBqnq043aXswjh43%2FDzE2VvX4oBcxADNPKSQV4JBsi3%2FPBF%2Fk%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 89fc4fd71bcf973c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	back.png www.hergunavantaj.com.tr/assets/img/	240 B 727 B	36ms 35ms	Image image/png	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hergunavantaj.com.tr/assets/img/back.png Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT cf-cache-status HIT last-modified Fri, 16 Dec 2022 06:02:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3392 etag "f0-5efebb7968000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lb%2FqEskd4uW98Qr2KMB3M09eiz21MSfZ39A7O%2B3XY17ThXrdrtC%2FROu%2B4D%2Byn3Xqt6WIpzs%2Ftgc4ZYe%2FQr6TEF13n83dJi0sLDXTYmeMPIpg%2BjyLqp%2Bez3Mh%2FwFnyxJYU4Odwwqbfy03DR0%2BD4o5fd74%2FrhnbDg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89fc4fd71bd0973c-FRA alt-svc h3=":443"; ma=86400 content-length 240
GET H3	200	jquery-3.7.1.min.js Show response www.hergunavantaj.com.tr/assets/js/	85 KB 31 KB	38ms 37ms	Script text/javascript	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/assets/js/jquery-3.7.1.min.js Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 04 Nov 2023 05:36:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3392 etag W/"155ed-6094cff521d80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLwZTIKiWda4KS4XNMukd9qhQU8F2ac89BojQnVImjmMVPfVJ5UlcIa0x%2FrQ04dEVxmKnd2XCOlDXm54mOf1dJxIHX9c9VNhU0aBl5P7hJ0UazXBJ4URocMHX5e1xREa9z%2Bgyrt98fgGWI4YoBvPgsgre2usEDY%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 89fc4fd71bd2973c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	main.js Show response www.hergunavantaj.com.tr/assets/js/	4 KB 1 KB	37ms 36ms	Script text/javascript	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/assets/js/main.js Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `828eebc50763ce9fd442d609a8c9e91771814958ac52c77528ee77a76d6ddafe` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Sat, 04 Nov 2023 08:04:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1403 etag W/"eb5-6094f11aed200" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8a0n66oSork6XrMuaa849BUpdYMxB8IsSAtO0mUMR9Qe71ZvGsgtm7R%2F2JwvILlCPIrGqQ2l8X7OhWYpb%2FoswJOw9nd16G3Tt7WC9Mu6AQGBlGK4Jxvlkzi2TgukDhp%2BFH4Cob0b8tV8BbmjSpTGjYWWq5bnBc%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 89fc4fd71bd6973c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bg.svg www.hergunavantaj.com.tr/assets/img/	2 KB 1 KB	34ms 34ms	Image image/svg+xml	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hergunavantaj.com.tr/assets/img/bg.svg Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/assets/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.hergunavantaj.com.tr/assets/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status HIT last-modified Mon, 12 Dec 2022 17:38:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1395 etag W/"748-5efa4f7a4c900" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMSW9vBSaH2Jzj86k9%2BOwv4sfmwd2ImwBxlMzAbtT1Vek3ZkCJwDhu%2BDBY8BIjfzrtm89%2BUshnMaW%2FKpryeD72LcksBlhrzXjNY23I0NeQEPyYt5oEi1GYiOuKOutMXkidhfA4DCg1Fk2zJqU5Tuk39%2FiizjDz8%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 89fc4fd75bf9973c-FRA alt-svc h3=":443"; ma=86400
POST H3	200	stat Show response www.hergunavantaj.com.tr/	0 514 B	76ms 76ms	XHR text/html	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/stat Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/assets/js/jquery-3.7.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Accept / Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 08 Jul 2024 01:30:56 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mwy3ec9UmLdsFWyUrwSNhoqS16B5i3ksrKVHIbMKU%2BnwhPWEXMdMBMLJ8CVS2A5XvX92mG%2BMxO5876HfjnG5Qx4iX9CJWDd81%2BZhhjXaJpns4xrRbpwXjnzbHtH3CuZr7tecZ80zBl6QitQHg5G2LPngQsFZ%2FIA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 89fc4fd7bc30973c-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3	200	stat Show response www.hergunavantaj.com.tr/	0 516 B	72ms 71ms	XHR text/html	2606:4700:3034::ac43:cdf4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hergunavantaj.com.tr/stat Requested by Host: www.hergunavantaj.com.tr URL: https://www.hergunavantaj.com.tr/assets/js/jquery-3.7.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:cdf4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Accept / Referer https://www.hergunavantaj.com.tr/g3gehs2i62/account X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 08 Jul 2024 01:31:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRjnJR%2FoA6TlvqjKGMt%2BZ9FD8b58m4%2BKsceaxM7STPQkUskWdXPjLyu270TJdH%2FIZ81ZSMO%2B%2F8iWBUi3bDNjO5gUnCr7s%2F18xGbZlKfEeVz6l92O5nkaqvecjGto8J5t2K8jD43WisbeeUlJsAat8Ie6WK6Khtc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 89fc50037b1c973c-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.hergunavantaj.com.tr/	1969-12-31 23:59:59	Name: PHPSESSID Value: g3gehs2i62n3n6o0gn4ep7d93g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.hergunavantaj.com.tr/g3gehs2i62/account Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.hergunavantaj.com.tr
2606:4700:3034::ac43:cdf4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
3ccc705865bedc1803f3a789a97b0a066b4d5923c6878896ef9b6876bb9dc628
6f0a762926db3e56e1f02051af602c2fd71f0e8cc633a4b5678613101299d9d2
828eebc50763ce9fd442d609a8c9e91771814958ac52c77528ee77a76d6ddafe
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83
cd6ac2edb15e0d729d37253aa6644c09e142ab60426568a1869f6b5ec694b42e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

www.hergunavantaj.com.tr Open in urlscan Pro 2606:4700:3034::ac43:cdf4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

44 kBTransfer

115 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.hergunavantaj.com.tr Open in urlscan Pro
2606:4700:3034::ac43:cdf4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

44 kB
Transfer

115 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!