fabrikamalzemeleri.org
Open in
urlscan Pro
89.252.130.86
Malicious Activity!
Public Scan
Effective URL: http://fabrikamalzemeleri.org/link1/
Submission: On November 29 via manual from US
Summary
This is the only time fabrikamalzemeleri.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Excel / PDF download (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 45.40.140.1 45.40.140.1 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
7 | 89.252.130.86 89.252.130.86 | 51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS) | |
1 2 | 2a01:4f9:2a:f... 2a01:4f9:2a:f67::2 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 | 151.101.12.193 151.101.12.193 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 1 | 2600:9000:204... 2600:9000:2043:2c00:1a:9447:e40:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2600:9000:21c... 2600:9000:21c7:7e00:1a:9447:e40:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
11 | 4 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net
x.co |
ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: j5zywj4z.ni.net.tr
fabrikamalzemeleri.org |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
i63.tinypic.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
tinypic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
fabrikamalzemeleri.org
fabrikamalzemeleri.org |
130 KB |
2 |
tinypic.com
1 redirects
i63.tinypic.com tinypic.com |
16 KB |
2 |
imgur.com
i.imgur.com |
51 KB |
2 |
freeiconspng.com
1 redirects
www.freeiconspng.com |
401 B |
2 |
x.co
2 redirects
x.co |
290 B |
11 | 5 |
Domain | Requested by | |
---|---|---|
7 | fabrikamalzemeleri.org |
fabrikamalzemeleri.org
|
2 | i.imgur.com |
fabrikamalzemeleri.org
|
2 | www.freeiconspng.com |
1 redirects
fabrikamalzemeleri.org
|
2 | x.co | 2 redirects |
1 | tinypic.com |
fabrikamalzemeleri.org
|
1 | i63.tinypic.com | 1 redirects |
11 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
freeiconspng.com COMODO RSA Domain Validation Secure Server CA |
2018-12-06 - 2019-12-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://fabrikamalzemeleri.org/link1/
Frame ID: 3BE8FCF69CD5141EA9701E48675C0000
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://x.co/6ntGy
HTTP 301
https://x.co/6ntGy HTTP 302
http://fabrikamalzemeleri.org/link1/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://x.co/6ntGy
HTTP 301
https://x.co/6ntGy HTTP 302
http://fabrikamalzemeleri.org/link1/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://www.freeiconspng.com/ptp.php?pdf-word-icon-31 HTTP 302
- https://www.freeiconspng.com/img/2082
- http://i63.tinypic.com/33wr6fd.png HTTP 301
- http://tinypic.com/images/goodbye.jpg
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
fabrikamalzemeleri.org/link1/ Redirect Chain
|
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebox.css
fabrikamalzemeleri.org/link1/javascript/facebox/src/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
only.js
fabrikamalzemeleri.org/link1/js/ |
599 B 880 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.6.2.min.js
fabrikamalzemeleri.org/link1/javascript/ |
89 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebox.js
fabrikamalzemeleri.org/link1/javascript/facebox/src/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.watermark.js
fabrikamalzemeleri.org/link1/javascript/watermark/ |
18 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
javascript1.js
fabrikamalzemeleri.org/link1/javascript/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2082
www.freeiconspng.com/img/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Yyjfy0T.png
i.imgur.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
goodbye.jpg
tinypic.com/images/ Redirect Chain
|
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7dHA6V2.jpg
i.imgur.com/ |
46 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Excel / PDF download (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jQuery16209297524763839533 function| script function| click_to_download function| make_the_delay function| redirect_the function| now_download0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fabrikamalzemeleri.org
i.imgur.com
i63.tinypic.com
tinypic.com
www.freeiconspng.com
x.co
151.101.12.193
2600:9000:2043:2c00:1a:9447:e40:93a1
2600:9000:21c7:7e00:1a:9447:e40:93a1
2a01:4f9:2a:f67::2
45.40.140.1
89.252.130.86
051946860b04b5b64a52df8b240e4888469c4b384b4816df4974f84a0f3408f4
0cf7c2b6cecd3c1605353d7e19f982842e64388883dd3d1d1c657cf78b5cdd4b
2d9b3835ce3a659c907acd33d613bab446a7894f108dddca2f2d1407263cd2d0
7df02fc6b482258e0f416f8ed8cb9fc01f3591070b84773f3bef9db57a393ce3
983747e7938326bd872ecf4734d559a8d811dbd4488fd46c05fe6f99e9b0a867
9a2a983c9ea36e030b6ee8f7f08a2d966fed84f445af2710fcc49dd98b37e832
c2c9196ee861cec69e7971b0439d0d448df3328f472f226971a7d5bb5dc0ec94
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d76d8ccf3c229b319c08e3b8f44a9b3cbc00d72b25a5cdbe40609ef4856a8c98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053