mail.nufusehliyetsorgulama13.xyz Open in urlscan Pro
2606:4700:3036::6815:5f2b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Submission: On August 20 via api (August 20th 2024, 12:36:24 pm UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3036::6815:5f2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is mail.nufusehliyetsorgulama13.xyz.
TLS certificate: Issued by WE1 on August 19th 2024. Valid for: 3 months.

This is the only time mail.nufusehliyetsorgulama13.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3036::6815:5f2b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	31.3.2.106 31.3.2.106	21245 (MEDIANOVA...) (MEDIANOVA-CDN)
23	2

17 2606:4700:3036::6815:5f2b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mail.nufusehliyetsorgulama13.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 31.3.2.106 (Frankfurt am Main, Germany)

ASN21245 (MEDIANOVA-CDN, TR)

cdn.e-devlet.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	nufusehliyetsorgulama13.xyz 1 redirects mail.nufusehliyetsorgulama13.xyz	169 KB
7	e-devlet.gov.tr cdn.e-devlet.gov.tr — Cisco Umbrella Rank: 116811	96 KB
23	2

	Domain	Requested by
17	mail.nufusehliyetsorgulama13.xyz	1 redirects mail.nufusehliyetsorgulama13.xyz
7	cdn.e-devlet.gov.tr	mail.nufusehliyetsorgulama13.xyz
23	2

This site contains links to these domains. Also see Links.

Domain
youtu.be

Subject Issuer	Validity	Valid
nufusehliyetsorgulama13.xyz WE1	`2024-08-19` - `2024-11-17`	3 months	crt.sh
cdn.e-devlet.gov.tr GlobalSign RSA OV SSL CA 2018	`2024-02-22` - `2025-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Frame ID: 427FFCFEDFB11F638923A1FAE1B2F96B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-Devlet Kapısı

Page URL History Show full URLs

https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html Page URL
https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/phish-bypass?atok=y67jrJg2gB_jrvwxyJMsrQL.7AdBiKSG9ccBfc6XMHc-172415... HTTP 301
https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

265 kB
Transfer

457 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youtu.be/tiGuD_X0QNE?list=RDtiGuD_X0QNE
Title: Hızlı Çözüm Merkezi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html Page URL
https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/phish-bypass?atok=y67jrJg2gB_jrvwxyJMsrQL.7AdBiKSG9ccBfc6XMHc-1724157374-0.0.1.1-%2Fsurucubelgesi%2FGiris%2Fgir.html HTTP 301
https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 gir.html Show response
mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/ 4 KB
2 KB 173ms
27ms Document
text/html 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b148fb3edb4c94a0bb8987d2ed31d2664e0318040a1c391582784d754cf9f8f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-ray: 8b626d85bdf665c0-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Aug 2024 12:36:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QcoviMvxra8iKLfNXkmqp%2Fj4JucmAHYdCQyiJzWDGv38hZ%2F3Q0bTK1E7hUq%2BfTih88tJg2%2Bsf35BVcEPM%2FdfAafgl%2BfjIfVjPzEXVLX7H6svuYq6G7APhbYNOl5bZXXYz0VBRKKUeWlVmgzoS36T13tghH92Y9gvTc1H18phA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
mail.nufusehliyetsorgulama13.xyz/cdn-cgi/styles/ 23 KB
5 KB 25ms
24ms Stylesheet
text/css 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/styles/cf.errors.css

Requested by

Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Aug 2024 15:08:45 GMT
server: cloudflare
etag: W/"66bb76fd-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8b626d85fe3465c0-FRA
expires: Tue, 20 Aug 2024 14:36:14 GMT

GET
H3 200 icon-exclamation.png
mail.nufusehliyetsorgulama13.xyz/cdn-cgi/images/ 452 B
635 B 25ms
24ms Image
image/png 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Aug 2024 15:08:45 GMT
server: cloudflare
etag: "66bb76fd-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8b626d868ee065c0-FRA
content-length: 452
expires: Tue, 20 Aug 2024 14:36:14 GMT

GET
H3 404 favicon.ico
mail.nufusehliyetsorgulama13.xyz/ 584 B
784 B 359ms
359ms Other
text/html 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkV4wD1jb7ABcFMn33RovLQJEIYwwoMJOkbGlhd6BQWo69q7PtIiKq9FwQkI%2F9EK83lmc4nmmia3rjAcmtSJdfVpWlxTatQwpcgylmqG68kdFofBYwmsJ7ZprRnI5rAb5OibDTE58d7knLt0LUue6MU6WLSWOS%2B0UCyMpnqd6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b626d86df3565c0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request gir.html Show response
mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/
Redirect Chain

https://mail.nufusehliyetsorgulama13.xyz/cdn-cgi/phish-bypass?atok=y67jrJg2gB_jrvwxyJMsrQL.7AdBiKSG9ccBfc6XMHc-1724157374-0.0.1.1-%2Fsurucubelgesi%2FGiris%2Fgir.html
https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html

15 KB
5 KB

353ms
353ms

Document
text/html

2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ec3b4dde16d933d2db6051057056a44b40c66f8fb4bcf569dcf5881cb73874

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b626d9fd8d365c0-FRA
content-encoding: br
content-type: text/html
date: Tue, 20 Aug 2024 12:36:18 GMT
last-modified: Mon, 19 Aug 2024 12:08:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DyoKeQnUIPKAr4IX2dDKbyMlSsCMoZlm0Wny5pk51hmR%2BPvEOIwuNb0X5KvbeRHj0nTg17Lcpw1%2Bg7UDHWFvNZUlKt0F8q%2B0OO7oC3SUSXUNGQUFst6I1krnECb5AGnKwkqbBrCHDNwYxoUNPUU%2FG%2BwmzM984UNPt7I09xmTEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: private, no-cache
cf-ray: 8b626d9fa88a65c0-FRA
content-length: 167
content-type: text/html
date: Tue, 20 Aug 2024 12:36:18 GMT
location: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 login-main.1.9.5.css
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/ 48 KB
12 KB 370ms
369ms Stylesheet
text/css 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9aae4ae41200ef91d0067e7dba43f73ea704cc3e0fb749c02af5ee29d445c29

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uHCNkNA0QtHaCnoeEc2TjkDNPH1SV5dmSGFkHmLm9F6bL9%2FEFkjDvLWmDyHWa0XwG%2FxE19D%2B4i04DUAXOWUWyU91D%2BAwUFKxPv3uGldkHt%2B%2BSTRyQF%2BkrX5z5EPclDS01CMbpf19z4O%2FJN6zleRM7cePuPQ%2FLZrNde4FhJP6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b626da21b6665c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11482

GET
H3 200 edk-logo.png
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/images/login/ 10 KB
11 KB 360ms
360ms Image
image/png 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/images/login/edk-logo.png
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7db1afe2e727172c7166f0a97d583a595481ddc6e3a6d1a9e51d854dab3f2344

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfm%2BCM0Sja8cwiom4BBAYizxHNC5pm2%2BswdMj3YcDdvPdbFwDUnsMXwX5s7pNJueNul89MmAkta%2B5C3uhuFl2D6tvXzLjlmXTY5pnLtunhRxt%2FbRYA6A0K7yRIEo4iNCyWk42YY4KLWAE15GwPEEzCTsdRA4wQ2517hgMHtY8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b626da21b6865c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10604

GET
H3 200 1.png
mail.nufusehliyetsorgulama13.xyz/bebe/themes/istanbul/images/agencies/ 2 KB
2 KB 414ms
414ms Image
image/png 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/istanbul/images/agencies/1.png
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLvALQ6LKMkXqAU3KJCQrkMJklI8AY5lAwDgw50CDjKe8weUCdHwK8MAznO2VChqq6n31GigVRMMjWc9709TeWoPPwAzcvY1FixpTgB8jM%2BnWD9fN8jS2pu9vzZJVC2aX07KOcY%2FWDgGCIN3gAAATbdqkoLQoC1CZNWnmZIE0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b626da22b8265c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1855

GET
H3 200 DDO-logo.png
mail.nufusehliyetsorgulama13.xyz/bebe/themes/nevsehir/images/ 12 KB
12 KB 380ms
380ms Image
image/png 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/nevsehir/images/DDO-logo.png
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae42dd0054dbd0953f55d387bf0f1e10ae51646a3f7b83203d60b4d855bc1d2

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J7RpPrPr%2BNC605d5Insj%2FhTd2%2FeH9oFBSo%2FWdNueYqdwOXnULkBsbtrDRpLLPPP%2BoGhu2ZHJb4jIjapYzld%2BttMFI6hDIPy6p%2BeI%2BBO%2FFO4XZBx1IwDjTIyf4USg4gtyBuZ89tZWe2uGxMiXVQHmbC3IMkpDD4%2B4BF%2B2uIKfAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b626da21b6b65c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11864

GET
H3 200 common.1.9.5.js Show response
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/ 149 KB
62 KB 392ms
391ms Script
application/javascript 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/common.1.9.5.js
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf6926c380dac1db8cb4a77b65f5135ed8ef4fc8d3d4f7a21a5d466bf2634e3

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMMwsLhG8X0%2Fsn35rpQBMWsCAm1P1Idq%2BBwDgnq16iCZEuAirGit%2BpdTwwy7T1xbeaehajrHYESWOCBISF2NAxQ7DwN%2FuLsUOGfZojcL14YMSIabUdk5A5apSgcY3QStv%2B9uvqsRWm0Zct4ymAD7BvT4svH6fNrv82lnJu8MGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b626da22b7c65c0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.jcryption.1.9.5.js Show response
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/ 65 KB
25 KB 412ms
411ms Script
application/javascript 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/jquery.jcryption.1.9.5.js
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10cea3887f0a3cf60d9fc06e809594d051c37563e2d3d8e8548f86d225fef398

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAngoLTt%2BEZJ9Xe1Oh%2FilXA%2BsX%2BXaRtRqY%2BrBa4B7YoeuawKVuhfpxIxVldQuaLfiWt56PSqDL%2Fnl5xcMEjv7hKQwz6ueQzICqyrc%2BzG43mFPG2YGIB0c%2BqAGizfe4Hh5B%2BuLrabhKZC5SxrY0h6br0XBxVcbCrNCBkFxaHLSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b626da22b7e65c0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 edk-giris.1.9.5.js Show response
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/ 8 KB
4 KB 414ms
414ms Script
application/javascript 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/edk-giris.1.9.5.js
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e36ae23ad2061185e1afec83801772dd62209a32b6120f892e9ad0657845c46f

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vv6hzUUrucCJ7eOjCL0xLy6ypQNDANTvH3KoPrqJx2sJ%2Fa5Iqg2s3ODvK395wdkh5LG6BQWF3aiAvg%2FAVMTnM3SKcTQhECBVNAK%2FKyigAooPbDmbhJmOrH9H36WO25v2HhaYaDjr5T7hQmTDSvWSBR5izD%2BIckt2zL2CTAyaeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b626da22b8165c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3315

GET
H2 200 P5sBzZCDf9_T_1Wi4TRDrZKF09E3.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 9 KB
10 KB 404ms
20ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-2139
x-mnrequest-id: b60b5cd445ed2625b7e832525296732a
x-edge-location: DE-372
etag: W/"6405ea6b-2564"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: MNCDN-2137
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCFuj5-v.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 9 KB
10 KB 425ms
41ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10ZxCFuj5-v.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: 7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-2139
x-mnrequest-id: 9ec8893cea9fed66c3088c2bad931cd0
x-edge-location: DE-372
etag: W/"6405ea6b-2584"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 edkicon.180.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/grs-icon/ 7 KB
8 KB 405ms
21ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/grs-icon/edkicon.180.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: 285c09a437dae1191b7861695dce9653b83b3ce967b898415afe9b748268ad31

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Fri, 16 Aug 2024 12:22:55 GMT
server: MNCDN-2139
x-mnrequest-id: 5a58ce0a3e16439c2b2d2045fe5be559
x-edge-location: DE-372
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sCzZCDf9_T_10c9CNkiL2t2dk.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 10 KB
10 KB 426ms
43ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9CNkiL2t2dk.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: ad13b3fe0d7ffedfef7b0495f001577ceafcf0da1691cccd060ce8171137e7b7

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-2139
x-mnrequest-id: e57b79b0cedb6dee7e4c696fa0b149ef
x-edge-location: DE-372
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 19 KB
19 KB 407ms
23ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: baa4939ce5526f6345842e8324ea0a248d0e139eef54fe377492fd44a79803a5

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-2139
x-mnrequest-id: 003bbd03f0c4dbdff2a8c6267c1979e6
x-edge-location: DE-372
etag: W/"6405ea6b-4ac4"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: MNCDN-2137
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sMzZCDf9_T_10XxCFuj5-v6dg.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 19 KB
19 KB 421ms
38ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10XxCFuj5-v6dg.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: 1f634d0016221534cb3f7a6f0a369972d44cb2b5f7b5b17c70144be47791c882

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-2139
x-mnrequest-id: 0112ebb80aed5bc7be2892daf7f9e26c
x-edge-location: DE-372
etag: W/"6405ea6b-4a4c"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 20 KB
20 KB 428ms
45ms Font
application/octet-stream 31.3.2.106
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.180.woff2
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.106 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-2139 /
Resource Hash: 9c6e2b09ac19fe1395ca10c2872f9b132eb136faedb9bd7896779453497fec87

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/
Origin: https://mail.nufusehliyetsorgulama13.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-2139
x-mnrequest-id: b3adf9f2b373ee38198d2feda0859ee4
x-edge-location: DE-372
etag: W/"6405ea6b-4f94"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 404 common_messages_tr.1.9.5.js
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/ 0
0 367ms
366ms Script
text/html 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/common_messages_tr.1.9.5.js
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/common.1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wmu1u4c%2FHzQWZaQPX8L9VfU6oGaXEwy%2F87JlaUtEahbM48MSCBMtROoLTkI4ah2VFDwt1ImMaSF5LAE8BnVxRMUCQS0%2BPNOkN57UODH6p1nh6%2F8sCHcL1cS5zioOp4nEIxmrmv2OS%2BqA0h%2B7kHj08CeNHZbHItFgb1LABYOu5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b626da4ff4a65c0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 login_messages_tr.1.9.5.js
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/ 0
0 377ms
376ms Script
text/html 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/login_messages_tr.1.9.5.js
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/common.1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utaSi1JvHvEOKlU%2B7EoFii0OlqM424E5piTw75wqo3o%2B4qQrpeZA05dpIaKPrrsG5kOMBPNNtE0BWrtt8IfvpSC7t2ymyB99RruwjZLjRcwrABx4cvwg87Sj7gBwIOTcZcKYQ4Py22rpsUr60USQZXWVyKXouk9sMXDLHPLOtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b626da4ff4c65c0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 CryptoServlet Show response
mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/ 583 B
780 B 216ms
216ms XHR
text/html 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/CryptoServlet?generateKeyPair=true&pn=%2Fsurucubelgesi%2FGiris%2Fgir.html&ajax=1&token=
Requested by: Host: mail.nufusehliyetsorgulama13.xyz
URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/common.1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6S%2FKwvWbCppd8stzOEzvj9O7I%2Bkf4eUqv3thI99ppSxDzYkQ2HC1VKfOHyU5ZGS383SIaAkgxyJUpw%2FG9VmSxT0Ksweev38iylCo372xfZMahXDyY6dTm%2FqtNShKvdr0Pjc7%2BCz%2BjS9VjKqnIy2SsFVS1GpPjSd8qc76ebeuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8b626da4ff5365c0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon-196x196.png
mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/images/favicons/ 26 KB
27 KB 369ms
369ms Other
image/png 2606:4700:3036::6815:5f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/images/favicons/favicon-196x196.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:5f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe

Request headers

Referer: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 12:36:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Aug 2024 12:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qqcg29MNJ8%2Bn9XD%2Fu3NmbLWT6NZfu%2FN9y%2B3ppjsXAzXE%2FuKmBeWYdSUqgE%2B8RBIFJVWUp0T3U2waEROgUzUHY5CS0h%2Fv6lk9mcqQJfEHLmM1vwJ8lhjqKmZkVVVrNeA8%2Bs6rz6JIxY82huyFefb9sSjovqKq4YwZiyS%2Fp6MsOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b626da7cbae65c0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27074

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mail.nufusehliyetsorgulama13.xyz/	1970-01-20 22:57:23	Name: __cf_mw_byp Value: y67jrJg2gB_jrvwxyJMsrQL.7AdBiKSG9ccBfc6XMHc-1724157374-0.0.1.1-/surucubelgesi/Giris/gir.html

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mail.nufusehliyetsorgulama13.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mail.nufusehliyetsorgulama13.xyz/surucubelgesi/Giris/CryptoServlet?generateKeyPair=true&pn=%2Fsurucubelgesi%2FGiris%2Fgir.html&ajax=1&token= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/common_messages_tr.1.9.5.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mail.nufusehliyetsorgulama13.xyz/bebe/themes/izmir/js/es/login_messages_tr.1.9.5.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.e-devlet.gov.tr
mail.nufusehliyetsorgulama13.xyz
2606:4700:3036::6815:5f2b
31.3.2.106
0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5
10cea3887f0a3cf60d9fc06e809594d051c37563e2d3d8e8548f86d225fef398
1f634d0016221534cb3f7a6f0a369972d44cb2b5f7b5b17c70144be47791c882
285c09a437dae1191b7861695dce9653b83b3ce967b898415afe9b748268ad31
3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5
59ec3b4dde16d933d2db6051057056a44b40c66f8fb4bcf569dcf5881cb73874
7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72
7db1afe2e727172c7166f0a97d583a595481ddc6e3a6d1a9e51d854dab3f2344
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9c6e2b09ac19fe1395ca10c2872f9b132eb136faedb9bd7896779453497fec87
9cf6926c380dac1db8cb4a77b65f5135ed8ef4fc8d3d4f7a21a5d466bf2634e3
ad13b3fe0d7ffedfef7b0495f001577ceafcf0da1691cccd060ce8171137e7b7
b148fb3edb4c94a0bb8987d2ed31d2664e0318040a1c391582784d754cf9f8f2
b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18
baa4939ce5526f6345842e8324ea0a248d0e139eef54fe377492fd44a79803a5
d9aae4ae41200ef91d0067e7dba43f73ea704cc3e0fb749c02af5ee29d445c29
dae42dd0054dbd0953f55d387bf0f1e10ae51646a3f7b83203d60b4d855bc1d2
e36ae23ad2061185e1afec83801772dd62209a32b6120f892e9ad0657845c46f
eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

mail.nufusehliyetsorgulama13.xyz Open in urlscan Pro 2606:4700:3036::6815:5f2b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

265 kBTransfer

457 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

44 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

mail.nufusehliyetsorgulama13.xyz Open in urlscan Pro
2606:4700:3036::6815:5f2b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

265 kB
Transfer

457 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!