girisyapcampaingtowprld.com Open in urlscan Pro
92.205.170.193 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://girisyapcampaingtowprld.com/
Submission: On March 03 via api (March 3rd 2024, 12:58:29 am UTC) from BE — Scanned from FR

Summary HTTP 25 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 92.205.170.193, located in France and belongs to GODADDY-SXB, DE. The main domain is girisyapcampaingtowprld.com.

This is the only time girisyapcampaingtowprld.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Halkbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
24	92.205.170.193 92.205.170.193	21499 (GODADDY-SXB) (GODADDY-SXB)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
25	2

24 92.205.170.193 (France)

ASN21499 (GODADDY-SXB, DE)
PTR: 193.170.205.92.host.secureserver.net

girisyapcampaingtowprld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	girisyapcampaingtowprld.com girisyapcampaingtowprld.com	440 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	31 KB
25	2

	Domain	Requested by
24	girisyapcampaingtowprld.com	girisyapcampaingtowprld.com code.jquery.com
1	code.jquery.com	girisyapcampaingtowprld.com
25	2

This site contains links to these domains. Also see Links.

Domain
www.halkbank.com.tr
www.halkbankkobi.com.tr
www.parafcard.com.tr

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://girisyapcampaingtowprld.com/
Frame ID: 8234AAEDBC84569339F76C5B683DA83B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Halkbank İnternet Şubesi

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<(?:div|html)[^>]+ng-app=

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

4 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

471 kB
Transfer

1454 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.halkbank.com.tr/

Search URL Search Domain Scan URL

URL: https://www.halkbank.com.tr/tr/dijital-bankacilik/internet-bankaciligi/halkbank-internet-subesi/guvenlik.html
Title: Güvenliğiniz için Halkbank İnternet Şubesi girişlerinde; cep telefonu numarası, marka ve modeli bilgileriniz istenmez. Detaylı bilgi için tıklayınız

Search URL Search Domain Scan URL

URL: http://www.halkbankkobi.com.tr/
Title: A’dan Z’ye KOBİ’ye dair her şey halkbankkobi.com.tr’de! Detaylar için tıklayınız

Search URL Search Domain Scan URL

URL: https://www.halkbank.com.tr/tr/dijital-bankacilik/dialog/dialog/nasil-uye-olabilirim.html
Title: Hızlı ve güvenli bankacılığın yeni numarası: 0850 222 0 400 Halkbank Dialog 0850 222 0 401 Halkbank KOBİ Dialog

Search URL Search Domain Scan URL

URL: https://www.halkbank.com.tr/tr/sikca-sorulan-sorular.html
Title: Sıkça Sorulan Sorular

Search URL Search Domain Scan URL

URL: https://www.halkbank.com.tr/tr/sube-atm-arama.html
Title: ATM ve Şubeler

Search URL Search Domain Scan URL

URL: https://www.halkbank.com.tr/tr/dijital-bankacilik/internet-bankaciligi/halkbank-internet-subesi/planli-kesintiler.html
Title: Duyurular

Search URL Search Domain Scan URL

URL: https://www.halkbank.com.tr/tr/musteri-haklari/mutlu-musteri-merkezi.html
Title: Mutlu Müşteri Merkezi Halkbank olarak siz değerli müşterilerimizin taleplerini önemsiyoruz.

Search URL Search Domain Scan URL

URL: http://www.parafcard.com.tr/
Title: Paraf Card Kredi Kartı Dünyasında Ayrıcalıklar Bu Paraf’ta!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response girisyapcampaingtowprld.com/	40 KB 8 KB	81ms 44ms	Document text/html	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / PHP/8.1.27 Resource Hash `06067908dab65e68df35d70586de3e149235370672f9e76488c3c6518aaf3986` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 7564 Content-Type text/html; charset=UTF-8 Date Sun, 03 Mar 2024 00:58:23 GMT Keep-Alive timeout=5 Server Apache Upgrade h2,h2c Vary Accept-Encoding X-Powered-By PHP/8.1.27
GET H/1.1	200 OK	bootstrap.min.css girisyapcampaingtowprld.com/css/	139 KB 24 KB	35ms 35ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/bootstrap.min.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `b62dcddfb2f73bb87e8a1b62ce426ae15009df2a879e4fcf01c88262c0ca169f` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:42:32 GMT Server Apache ETag "2582795-22a1f-611a8fcb28600-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 24757
GET H/1.1	200 OK	production.min.css girisyapcampaingtowprld.com/css/	210 KB 39 KB	62ms 35ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/production.min.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `7163dd1bbf810606e4aadbf9b921ed07d1d21790fe027d620c6ba54aa17f141c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:42:48 GMT Server Apache ETag "258279a-348d2-611a8fda6aa00-gzip" Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 39236
GET H/1.1	200 OK	production-plugins.min.css girisyapcampaingtowprld.com/css/	138 KB 26 KB	61ms 33ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/production-plugins.min.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `aa927bb0806b182d355c9923570e63aa7520a4680c781ba57de94cb6a3d6c15c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:42:54 GMT Server Apache ETag "2582799-229f1-611a8fe023780-gzip" Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 26102
GET H/1.1	200 OK	skins.min.css girisyapcampaingtowprld.com/css/	510 KB 78 KB	68ms 41ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/skins.min.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `db4ea83ae0197510659f29dcf93c0b4916d6c7c890b05774f2558ad02ce39a6c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:43:04 GMT Server Apache ETag "258279c-7f92e-611a8fe9ace00-gzip" Vary Accept-Encoding Transfer-Encoding chunked Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5
GET H/1.1	200 OK	veribranch-all.css girisyapcampaingtowprld.com/css/	8 KB 3 KB	57ms 29ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/veribranch-all.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `e508fd78ced65cdc73d8f5c5b8ca8e2f67e940c59f65906823f020ede1b34c4c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:43:12 GMT Server Apache ETag "258279f-217c-611a8ff14e000-gzip" Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2428
GET H/1.1	200 OK	receipt.css girisyapcampaingtowprld.com/css/	3 KB 1 KB	60ms 31ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/receipt.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `cc8c5b8fdc333b4e97cd8d17ff9ea1a5feaa973973f0101be4dbf7d0d70dfc48` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:43:42 GMT Server Apache ETag "258279b-a03-611a900dea380-gzip" Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 834
GET H/1.1	200 OK	plugins-all.css girisyapcampaingtowprld.com/css/	70 KB 9 KB	89ms 32ms	Stylesheet text/css	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/css/plugins-all.css Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `c6a9da998ff4b8b121020abd635868f6430d83167f1b7cb5899185f5022ec4a0` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Content-Encoding gzip Last-Modified Sun, 18 Feb 2024 14:43:50 GMT Server Apache ETag "2582798-11680-611a90158b580-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 9147
GET H/1.1	200 OK	HALKBANK_logo2.svg girisyapcampaingtowprld.com/img/HALKBANK/	7 KB 7 KB	31ms 31ms	Image image/svg+xml	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/HALKBANK/HALKBANK_logo2.svg?v=1 Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `5f753839283d4a8841cbd7707282dcfc9e2a65d116316955a3d6751a5fb30594` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:56:00 GMT Server Apache ETag "25830ca-1c61-611a92cdba000" Vary Accept-Encoding Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 7265
GET H/1.1	200 OK	HB_lock.png girisyapcampaingtowprld.com/img/	515 B 783 B	30ms 30ms	Image image/png	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/HB_lock.png Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `fa38abaaeab332d2bc134bbc7103cfa06611249c6164c530938bed7f13c25b8c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:58:12 GMT Server Apache ETag "25830cc-203-611a934b9c900" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 515
GET H/1.1	200 OK	HB_lock-white.png girisyapcampaingtowprld.com/img/	1 KB 2 KB	31ms 30ms	Image image/png	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/HB_lock-white.png Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `fa895aad80366bcd0abb6c52554f13e33cf99a494bb6a539c52aeb2b03a53dd2` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:58:06 GMT Server Apache ETag "25830cb-5a5-611a9345e3b80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1445
GET H/1.1	404 Not Found	vb-all.js girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/statics/js/	0 0	30ms 30ms	Script text/html	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/statics/js/vb-all.js Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	veribranch.directives.js girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/VeriBranch.Web/Modules/	0 0	29ms 29ms	Script text/html	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/VeriBranch.Web/Modules/veribranch.directives.js Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	jquery-3.6.4.min.js Show response code.jquery.com/	88 KB 31 KB	67ms 21ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.4.min.js Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 00:58:23 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 14625304 x-cache HIT, HIT content-length 31011 x-served-by cache-lga21953-LGA, cache-lcy-eglc8600064-LCY last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1709427504.835309,VS0,VE0 etag W/"28feccc0-15ec3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 180, 31473
GET H/1.1	200 OK	blank.gif girisyapcampaingtowprld.com/img/	1 KB 1 KB	28ms 28ms	Image image/gif	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/blank.gif Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/production.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `50fd99c7ba443da1d3f8455af419e9a623c7a87013c82580129c7461a9804f27` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/css/production.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 15:00:52 GMT Server Apache ETag "25830c7-447-611a93e433100" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1095
GET H/1.1	200 OK	bghbnew.jpg girisyapcampaingtowprld.com/img/	156 KB 157 KB	31ms 31ms	Image image/jpeg	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/bghbnew.jpg Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `919b3693b2c106c684bf530443ee2af0360f7f51d96d7fc556be5cd03942d6bc` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/css/skins.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 15:00:36 GMT Server Apache ETag "25830c6-27117-611a93d4f0d00" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 160023
GET H/1.1	200 OK	white-arrow.png girisyapcampaingtowprld.com/img/	219 B 486 B	32ms 32ms	Image image/png	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/white-arrow.png Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `5dce1529451ca28870b87a2f034cd462558d3830f99e8ac3c22a3a3445191a4d` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/css/skins.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 15:01:12 GMT Server Apache ETag "25830d4-db-611a93f745e00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 219
GET H/1.1	200 OK	login-mmm.svg girisyapcampaingtowprld.com/img/icons/svg/white/	1 KB 1 KB	30ms 30ms	Image image/svg+xml	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/icons/svg/white/login-mmm.svg Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `9313b826be1e50da9e240b43b515c91214bc72d506b20d1dddbeeca6ebdd1bee` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/css/skins.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:58:36 GMT Server Apache ETag "25830d0-426-611a93627ff00" Vary Accept-Encoding Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1062
GET H/1.1	200 OK	GUVENLIK.png girisyapcampaingtowprld.com/img/	3 KB 3 KB	31ms 31ms	Image image/png	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/GUVENLIK.png Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `150515bdd6a0afb734c18307eba842fe07df15ed730aa5ed22d18959947e7e1f` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/css/skins.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:56:34 GMT Server Apache ETag "25830c8-a0f-611a92ee26c80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2575
GET H/1.1	200 OK	paraf.png girisyapcampaingtowprld.com/img/	1 KB 2 KB	31ms 31ms	Image image/png	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL http://girisyapcampaingtowprld.com/img/paraf.png Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `964636a5b67ebc123f6593ab8cad228a53c4df0b6a3f9d31511a19a90fedfd2f` Request headers accept-language fr-FR,fr;q=0.9 Referer http://girisyapcampaingtowprld.com/css/skins.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:56:58 GMT Server Apache ETag "25830d2-5b4-611a93050a280" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 1460
GET H/1.1	200 OK	fontawesome-webfont.woff2 girisyapcampaingtowprld.com/fonts/	63 KB 63 KB	56ms 30ms	Font font/woff2	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/fonts/fontawesome-webfont.woff2?v=4.4.0 Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/bootstrap.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019` Request headers Referer http://girisyapcampaingtowprld.com/css/bootstrap.min.css Origin http://girisyapcampaingtowprld.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:52:54 GMT Server Apache ETag "25830b6-fbd0-611a921c57d80" Vary Accept-Encoding Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 64464
GET H/1.1	200 OK	Gotham-Bold.woff girisyapcampaingtowprld.com/fonts/gotham/	11 KB 12 KB	61ms 30ms	Font font/woff	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/fonts/gotham/Gotham-Bold.woff Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `929c9acb73530a412324d05d604ddec6eaab1c86a40d8ef59e3003b9e899040b` Request headers Referer http://girisyapcampaingtowprld.com/css/skins.min.css Origin http://girisyapcampaingtowprld.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:53:16 GMT Server Apache ETag "25830b8-2d58-611a923152f00" Vary Accept-Encoding Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 11608
GET H/1.1	200 OK	text-security-disc.woff2 girisyapcampaingtowprld.com/fonts/	2 KB 3 KB	53ms 31ms	Font font/woff2	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/fonts/text-security-disc.woff2 Requested by Host: girisyapcampaingtowprld.com URL: http://girisyapcampaingtowprld.com/css/skins.min.css Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / Resource Hash `9dd630e7cbf1a068b89a5a134e248ff63f2d452081bf86684aeb4b7f73712b76` Request headers Referer http://girisyapcampaingtowprld.com/css/skins.min.css Origin http://girisyapcampaingtowprld.com accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Last-Modified Sun, 18 Feb 2024 14:54:32 GMT Server Apache ETag "25830c4-8e8-611a9279cda00" Vary Accept-Encoding Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2280
POST H/1.1	200 OK	datach.php Show response girisyapcampaingtowprld.com/	0 227 B	40ms 39ms	XHR text/html	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/datach.php?ip=92.222.212.17 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.4.min.js Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / PHP/8.1.27 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://girisyapcampaingtowprld.com/ X-Requested-With XMLHttpRequest accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:23 GMT Server Apache X-Powered-By PHP/8.1.27 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5 Content-Length 0
POST H/1.1	200 OK	datach.php Show response girisyapcampaingtowprld.com/	0 227 B	39ms 39ms	XHR text/html	92.205.170.193 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL http://girisyapcampaingtowprld.com/datach.php?ip=92.222.212.17 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.4.min.js Protocol HTTP/1.1 Server 92.205.170.193 , France, ASN21499 (GODADDY-SXB, DE), Reverse DNS 193.170.205.92.host.secureserver.net Software Apache / PHP/8.1.27 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer http://girisyapcampaingtowprld.com/ X-Requested-With XMLHttpRequest accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Sun, 03 Mar 2024 00:58:26 GMT Server Apache X-Powered-By PHP/8.1.27 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5 Content-Length 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Halkbank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/statics/js/vb-all.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/VeriBranch.Web/Modules/veribranch.directives.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
girisyapcampaingtowprld.com
2a04:4e42:200::649
92.205.170.193
06067908dab65e68df35d70586de3e149235370672f9e76488c3c6518aaf3986
150515bdd6a0afb734c18307eba842fe07df15ed730aa5ed22d18959947e7e1f
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
50fd99c7ba443da1d3f8455af419e9a623c7a87013c82580129c7461a9804f27
5dce1529451ca28870b87a2f034cd462558d3830f99e8ac3c22a3a3445191a4d
5f753839283d4a8841cbd7707282dcfc9e2a65d116316955a3d6751a5fb30594
7163dd1bbf810606e4aadbf9b921ed07d1d21790fe027d620c6ba54aa17f141c
919b3693b2c106c684bf530443ee2af0360f7f51d96d7fc556be5cd03942d6bc
929c9acb73530a412324d05d604ddec6eaab1c86a40d8ef59e3003b9e899040b
9313b826be1e50da9e240b43b515c91214bc72d506b20d1dddbeeca6ebdd1bee
964636a5b67ebc123f6593ab8cad228a53c4df0b6a3f9d31511a19a90fedfd2f
9dd630e7cbf1a068b89a5a134e248ff63f2d452081bf86684aeb4b7f73712b76
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
aa927bb0806b182d355c9923570e63aa7520a4680c781ba57de94cb6a3d6c15c
b62dcddfb2f73bb87e8a1b62ce426ae15009df2a879e4fcf01c88262c0ca169f
c6a9da998ff4b8b121020abd635868f6430d83167f1b7cb5899185f5022ec4a0
cc8c5b8fdc333b4e97cd8d17ff9ea1a5feaa973973f0101be4dbf7d0d70dfc48
db4ea83ae0197510659f29dcf93c0b4916d6c7c890b05774f2558ad02ce39a6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e508fd78ced65cdc73d8f5c5b8ca8e2f67e940c59f65906823f020ede1b34c4c
fa38abaaeab332d2bc134bbc7103cfa06611249c6164c530938bed7f13c25b8c
fa895aad80366bcd0abb6c52554f13e33cf99a494bb6a539c52aeb2b03a53dd2

girisyapcampaingtowprld.com Open in urlscan Pro 92.205.170.193 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

4 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

471 kBTransfer

1454 kBSize

0 Cookies

9 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

girisyapcampaingtowprld.com Open in urlscan Pro
92.205.170.193 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

4 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

471 kB
Transfer

1454 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!