girisyapcampaingtowprld.com
Open in
urlscan Pro
92.205.170.193
Malicious Activity!
Public Scan
Submission: On March 03 via api from BE — Scanned from FR
Summary
This is the only time girisyapcampaingtowprld.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Halkbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
24 | 92.205.170.193 92.205.170.193 | 21499 (GODADDY-SXB) (GODADDY-SXB) | |
1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
25 | 2 |
ASN21499 (GODADDY-SXB, DE)
PTR: 193.170.205.92.host.secureserver.net
girisyapcampaingtowprld.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
girisyapcampaingtowprld.com
girisyapcampaingtowprld.com |
440 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 760 |
31 KB |
25 | 2 |
Domain | Requested by | |
---|---|---|
24 | girisyapcampaingtowprld.com |
girisyapcampaingtowprld.com
code.jquery.com |
1 | code.jquery.com |
girisyapcampaingtowprld.com
|
25 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.halkbank.com.tr |
www.halkbankkobi.com.tr |
www.parafcard.com.tr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://girisyapcampaingtowprld.com/
Frame ID: 8234AAEDBC84569339F76C5B683DA83B
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
Halkbank İnternet ŞubesiDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- <(?:div|html)[^>]+ng-app=
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Güvenliğiniz için Halkbank İnternet Şubesi girişlerinde; cep telefonu numarası, marka ve modeli bilgileriniz istenmez. Detaylı bilgi için tıklayınız
Search URL Search Domain Scan URL
Title: A’dan Z’ye KOBİ’ye dair her şey halkbankkobi.com.tr’de! Detaylar için tıklayınız
Search URL Search Domain Scan URL
Title: Hızlı ve güvenli bankacılığın yeni numarası: 0850 222 0 400 Halkbank Dialog 0850 222 0 401 Halkbank KOBİ Dialog
Search URL Search Domain Scan URL
Title: Sıkça Sorulan Sorular
Search URL Search Domain Scan URL
Title: ATM ve Şubeler
Search URL Search Domain Scan URL
Title: Duyurular
Search URL Search Domain Scan URL
Title: Mutlu Müşteri Merkezi Halkbank olarak siz değerli müşterilerimizin taleplerini önemsiyoruz.
Search URL Search Domain Scan URL
Title: Paraf Card Kredi Kartı Dünyasında Ayrıcalıklar Bu Paraf’ta!
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
girisyapcampaingtowprld.com/ |
40 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
girisyapcampaingtowprld.com/css/ |
139 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
production.min.css
girisyapcampaingtowprld.com/css/ |
210 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
production-plugins.min.css
girisyapcampaingtowprld.com/css/ |
138 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skins.min.css
girisyapcampaingtowprld.com/css/ |
510 KB 78 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
veribranch-all.css
girisyapcampaingtowprld.com/css/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
receipt.css
girisyapcampaingtowprld.com/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plugins-all.css
girisyapcampaingtowprld.com/css/ |
70 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HALKBANK_logo2.svg
girisyapcampaingtowprld.com/img/HALKBANK/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HB_lock.png
girisyapcampaingtowprld.com/img/ |
515 B 783 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HB_lock-white.png
girisyapcampaingtowprld.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vb-all.js
girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/statics/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
veribranch.directives.js
girisyapcampaingtowprld.com/InternetBankingHost/Features/wwwroot/VeriBranch.Web/Modules/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.4.min.js
code.jquery.com/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blank.gif
girisyapcampaingtowprld.com/img/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bghbnew.jpg
girisyapcampaingtowprld.com/img/ |
156 KB 157 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
white-arrow.png
girisyapcampaingtowprld.com/img/ |
219 B 486 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-mmm.svg
girisyapcampaingtowprld.com/img/icons/svg/white/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GUVENLIK.png
girisyapcampaingtowprld.com/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
paraf.png
girisyapcampaingtowprld.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
girisyapcampaingtowprld.com/fonts/ |
63 KB 63 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Gotham-Bold.woff
girisyapcampaingtowprld.com/fonts/gotham/ |
11 KB 12 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
text-security-disc.woff2
girisyapcampaingtowprld.com/fonts/ |
2 KB 3 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
datach.php
girisyapcampaingtowprld.com/ |
0 227 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
datach.php
girisyapcampaingtowprld.com/ |
0 227 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Halkbank (Banking)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| fraudNetInitiateEvent function| fraudNetValidateEvent function| $ function| jQuery function| gonder0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
girisyapcampaingtowprld.com
2a04:4e42:200::649
92.205.170.193
06067908dab65e68df35d70586de3e149235370672f9e76488c3c6518aaf3986
150515bdd6a0afb734c18307eba842fe07df15ed730aa5ed22d18959947e7e1f
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
50fd99c7ba443da1d3f8455af419e9a623c7a87013c82580129c7461a9804f27
5dce1529451ca28870b87a2f034cd462558d3830f99e8ac3c22a3a3445191a4d
5f753839283d4a8841cbd7707282dcfc9e2a65d116316955a3d6751a5fb30594
7163dd1bbf810606e4aadbf9b921ed07d1d21790fe027d620c6ba54aa17f141c
919b3693b2c106c684bf530443ee2af0360f7f51d96d7fc556be5cd03942d6bc
929c9acb73530a412324d05d604ddec6eaab1c86a40d8ef59e3003b9e899040b
9313b826be1e50da9e240b43b515c91214bc72d506b20d1dddbeeca6ebdd1bee
964636a5b67ebc123f6593ab8cad228a53c4df0b6a3f9d31511a19a90fedfd2f
9dd630e7cbf1a068b89a5a134e248ff63f2d452081bf86684aeb4b7f73712b76
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
aa927bb0806b182d355c9923570e63aa7520a4680c781ba57de94cb6a3d6c15c
b62dcddfb2f73bb87e8a1b62ce426ae15009df2a879e4fcf01c88262c0ca169f
c6a9da998ff4b8b121020abd635868f6430d83167f1b7cb5899185f5022ec4a0
cc8c5b8fdc333b4e97cd8d17ff9ea1a5feaa973973f0101be4dbf7d0d70dfc48
db4ea83ae0197510659f29dcf93c0b4916d6c7c890b05774f2558ad02ce39a6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e508fd78ced65cdc73d8f5c5b8ca8e2f67e940c59f65906823f020ede1b34c4c
fa38abaaeab332d2bc134bbc7103cfa06611249c6164c530938bed7f13c25b8c
fa895aad80366bcd0abb6c52554f13e33cf99a494bb6a539c52aeb2b03a53dd2