gelmezsam.click Open in urlscan Pro
104.21.8.187 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gelmezsam.click/
Submission: On December 20 via api (December 20th 2024, 6:26:31 pm UTC) from US — Scanned from IL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 104.21.8.187, located in and belongs to CLOUDFLARENET, US. The main domain is gelmezsam.click.
TLS certificate: Issued by WE1 on December 20th 2024. Valid for: 3 months.

This is the only time gelmezsam.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.8.187 104.21.8.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
15	3

6 104.21.8.187 (None, )

ASN13335 (CLOUDFLARENET, US)

gelmezsam.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gelmezsam.click gelmezsam.click	84 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
0	kgm.gov.tr Failed ozelyuk.kgm.gov.tr Failed
15	3

	Domain	Requested by
6	gelmezsam.click	gelmezsam.click
1	code.jquery.com	gelmezsam.click
0	ozelyuk.kgm.gov.tr Failed	gelmezsam.click
15	3

This site contains no links.

Subject Issuer	Validity	Valid
gelmezsam.click WE1	`2024-12-20` - `2025-03-20`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gelmezsam.click/
Frame ID: CA0F9977327537048E960612E0A7B9F4
Requests: 2 HTTP requests in this frame

Frame: https://gelmezsam.click/p/gecis/
Frame ID: 44A2BAB9702C70016D989F5EAB92CE14
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

47 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

114 kB
Transfer

397 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response gelmezsam.click/	1 KB 1 KB	737ms 431ms	Document text/html	104.21.8.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gelmezsam.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.14 PleskLin Resource Hash `c49ea37762c0f5425695aafbad25ff29b5fc8e8da77a114525d2c72cb232d4ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8f51ae303ba935db-LHR content-encoding zstd content-type text/html; charset=UTF-8 date Fri, 20 Dec 2024 18:26:23 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzFyEbq7VfU1DZZDiBQJrbW1ZPxzrLd4viMQTF3BLhGDvGQCjl%2BrKpEtlE6IfDxz%2FcdBCjmnKR1Ff8Dxghu5IPnDheHWA1dA%2BkzCWw4eLkRUdWhDd1NprmbZUbUNvzjjk10%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=140086&min_rtt=135264&rtt_var=36854&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4216&recv_bytes=4485&delivery_rate=3739&cwnd=12000&unsent_bytes=0&cid=658700664dcf8474&ts=572&x=1" cfExtPri cfHdrFlush;dur=0 vary accept-encoding x-powered-by PHP/8.3.14 PleskLin
GET H2	200	jquery-3.6.2.min.js Show response code.jquery.com/	88 KB 31 KB	402ms 127ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.2.min.js Requested by Host: gelmezsam.click URL: https://gelmezsam.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `da4ad864a87ffcf71c851b5df87f95cb242867f7b711cae4c6133cc9cc0048f0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://gelmezsam.click Referer https://gelmezsam.click/ Response headers content-encoding gzip etag W/"28feccc0-15f56" age 3241985 x-cache HIT, HIT date Fri, 20 Dec 2024 18:26:24 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding x-cache-hits 1, 575 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-served-by cache-lga21931-LGA, cache-lcy-eglc8600066-LCY cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1734719184.116440,VS0,VE0 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 31043 server nginx
GET H3	200	/ Show response gelmezsam.click/p/gecis/ Frame 44A2	25 KB 7 KB	271ms 270ms	Document text/html	104.21.8.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gelmezsam.click/p/gecis/ Requested by Host: gelmezsam.click URL: https://gelmezsam.click/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.14 PleskLin Resource Hash `01d7e52326a5ccd70a309a33b368328e06b7331693a5e515f8ac8062909c2a90` Request headers Referer https://gelmezsam.click/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8f51ae364ad235db-LHR content-encoding zstd content-type text/html; charset=UTF-8 date Fri, 20 Dec 2024 18:26:24 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1NEO59zFQltzAD7IB4kTRyB612SONguH0m4NR%2FlV%2FjR3014kmk%2BQ2jWj8j1S%2F%2FyN6WYBzqygInPawTlCIW%2B72e7HsNXuVJjGgxx%2BfLzma%2BoI85ryT0YbtEEGZ5cpmoeyBE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=141199&min_rtt=135264&rtt_var=19746&sent=17&recv=14&lost=0&retrans=0&sent_bytes=5809&recv_bytes=5043&delivery_rate=10157&cwnd=12000&unsent_bytes=0&cid=658700664dcf8474&ts=1397&x=1" cfExtPri cfHdrFlush;dur=0 vary accept-encoding x-powered-by PHP/8.3.14 PleskLin
GET		mainV1.css ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Css/ Frame 44A2	0 0

GET		modal.css ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Css/ Frame 44A2	0 0

GET		kredikart.css ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Css/ Frame 44A2	0 0

GET		default.gif ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/ Frame 44A2	0 0

GET		kgm_logo.png ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/ Frame 44A2	0 0

GET		udh_logo.png ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/ Frame 44A2	0 0

GET		ataturk.png ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/ Frame 44A2	0 0

GET		javascriptObf.js ozelyuk.kgm.gov.tr/WebIhlalStaticContent/js/ Frame 44A2	0 0

GET H3	200	jquery-3.6.1.min.js Show response gelmezsam.click/p/gecis/assets/js/ Frame 44A2	88 KB 33 KB	537ms 536ms	Script application/javascript	104.21.8.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gelmezsam.click/p/gecis/assets/js/jquery-3.6.1.min.js Requested by Host: gelmezsam.click URL: https://gelmezsam.click/p/gecis/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gelmezsam.click/p/gecis/ Response headers content-encoding zstd cf-cache-status REVALIDATED etag W/"633f5532-15e40" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lG2bw60PrxayBfwXo1l8IZ9s8VgG6E0tSeMxMsvoMCo1srSCo9UfZZXX6I07WBEAx9UXOJuawrfNRQPB4%2B0KnT0bVWH1cA6DRZBKNAk93guPysU66xqBuH2Sv9Lnpuo0mcY%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=137041&min_rtt=130990&rtt_var=11629&sent=35&recv=22&lost=0&retrans=0&sent_bytes=25197&recv_bytes=6575&delivery_rate=27389&cwnd=12000&unsent_bytes=0&cid=658700664dcf8474&ts=1834&x=1", cfExtPri, cfHdrFlush;dur=119 date Fri, 20 Dec 2024 18:26:24 GMT content-type application/javascript last-modified Thu, 06 Oct 2022 22:22:42 GMT vary Accept-Encoding priority u=2,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f51ae382cb335db-LHR x-powered-by PleskLin server cloudflare
GET H3	200	jquery.inputmask.js Show response gelmezsam.click/p/gecis/assets/js/ Frame 44A2	193 KB 40 KB	398ms 397ms	Script application/javascript	104.21.8.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gelmezsam.click/p/gecis/assets/js/jquery.inputmask.js Requested by Host: gelmezsam.click URL: https://gelmezsam.click/p/gecis/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `875bdb0533da346a98122c67ca81a667fb70ebea2822c85e762b1f758ae18ed9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gelmezsam.click/p/gecis/ Response headers content-encoding zstd cf-cache-status REVALIDATED etag W/"6337c980-3045f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vf%2FjfUWJH1pi%2BtaxL8THJQEYAvzdJgNawhD58EheOPoGXkYkHInSSS%2BnDAEXvzGYAsdVNQYGBE21yEe22n1dlCPrynfRyOE2YKL1aOLGYWB0stqkMOeZO8awbkyaP9o91Eo%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=137041&min_rtt=130990&rtt_var=11629&sent=25&recv=22&lost=0&retrans=0&sent_bytes=13197&recv_bytes=6575&delivery_rate=27389&cwnd=12000&unsent_bytes=0&cid=658700664dcf8474&ts=1821&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 20 Dec 2024 18:26:24 GMT content-type application/javascript last-modified Sat, 01 Oct 2022 05:00:48 GMT vary Accept-Encoding priority u=2,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f51ae382cb835db-LHR x-powered-by PleskLin server cloudflare
GET H3	200	inputmask.binding.js Show response gelmezsam.click/p/gecis/assets/js/ Frame 44A2	853 B 1 KB	675ms 674ms	Script application/javascript	104.21.8.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gelmezsam.click/p/gecis/assets/js/inputmask.binding.js Requested by Host: gelmezsam.click URL: https://gelmezsam.click/p/gecis/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `54890f2daffd62abc7dd11a6217e9610c722720c94c70243ef695d305e73582a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gelmezsam.click/p/gecis/ Response headers content-encoding zstd cf-cache-status REVALIDATED etag W/"355-5e9f1fe656000" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWzGcvMEPhaCz9OYGn7hQgwcG5e4%2F1JyopD377bLmCbKsPiWkzDBpvwy40rQUtu8wxl1jHTWdfzDu5O4dBiEcOGJziCBZiW37neXngc%2FRNJdAOdpdI5WNbX7HZAfAGfDJVo%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=137041&min_rtt=130990&rtt_var=11629&sent=35&recv=22&lost=0&retrans=0&sent_bytes=25197&recv_bytes=6575&delivery_rate=27389&cwnd=12000&unsent_bytes=0&cid=658700664dcf8474&ts=1856&x=1", cfExtPri, cfHdrFlush;dur=97 date Fri, 20 Dec 2024 18:26:24 GMT content-type application/javascript vary Accept-Encoding last-modified Sat, 01 Oct 2022 05:00:48 GMT priority u=2,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-accel-version 0.01 cf-ray 8f51ae382cb935db-LHR x-powered-by PleskLin server cloudflare
GET H3	200	custom.js Show response gelmezsam.click/p/gecis/assets/js/ Frame 44A2	1 KB 1 KB	674ms 673ms	Script application/javascript	104.21.8.187 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gelmezsam.click/p/gecis/assets/js/custom.js Requested by Host: gelmezsam.click URL: https://gelmezsam.click/p/gecis/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.187 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `73e5b52f60a794a93d988bf3052f0ee115cc61c3d0f3ea68935fe09a492fb081` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://gelmezsam.click/p/gecis/ Response headers content-encoding zstd cf-cache-status REVALIDATED etag W/"63e026e2-535" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trYabyha6pgD7qygVhQk2pxeKnhxGTJCnw%2BT7PaDfpgbCLyUxfKhONKk4ltnEaea%2FakUTCQhLw3QHg%2FSleVFQ1ej8E7TGXWjC6kMfnJGrZGyV9IgTmEelO3EeL8J3wRM%2FVw%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=137041&min_rtt=130990&rtt_var=11629&sent=35&recv=22&lost=0&retrans=0&sent_bytes=25197&recv_bytes=6575&delivery_rate=27389&cwnd=12000&unsent_bytes=0&cid=658700664dcf8474&ts=1836&x=1", cfExtPri, cfHdrFlush;dur=117 date Fri, 20 Dec 2024 18:26:24 GMT content-type application/javascript last-modified Sun, 05 Feb 2023 22:00:02 GMT vary Accept-Encoding priority u=2,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f51ae382cba35db-LHR x-powered-by PleskLin server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Css/mainV1.css

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Css/modal.css

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Css/kredikart.css

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/default.gif

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/kgm_logo.png

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/udh_logo.png

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/Images/ataturk.png

Domain: ozelyuk.kgm.gov.tr
URL: https://ozelyuk.kgm.gov.tr/WebIhlalStaticContent/js/javascriptObf.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| savePath

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gelmezsam.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: pfti0scdkttu5lf4n6le9m1i87

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gelmezsam.click/p/gecis/ Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
gelmezsam.click
ozelyuk.kgm.gov.tr
ozelyuk.kgm.gov.tr
104.21.8.187
151.101.194.137
01d7e52326a5ccd70a309a33b368328e06b7331693a5e515f8ac8062909c2a90
54890f2daffd62abc7dd11a6217e9610c722720c94c70243ef695d305e73582a
73e5b52f60a794a93d988bf3052f0ee115cc61c3d0f3ea68935fe09a492fb081
875bdb0533da346a98122c67ca81a667fb70ebea2822c85e762b1f758ae18ed9
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
c49ea37762c0f5425695aafbad25ff29b5fc8e8da77a114525d2c72cb232d4ad
da4ad864a87ffcf71c851b5df87f95cb242867f7b711cae4c6133cc9cc0048f0

gelmezsam.click Open in urlscan Pro 104.21.8.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

47 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

114 kBTransfer

397 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

gelmezsam.click Open in urlscan Pro
104.21.8.187 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

47 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

114 kB
Transfer

397 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions