www.ozelsizeozelsubembbva.org.tr
Open in
urlscan Pro
2606:4700:3033::6815:1074
Malicious Activity!
Public Scan
Effective URL: https://www.ozelsizeozelsubembbva.org.tr/
Submission: On August 10 via api from TR — Scanned from DE
Summary
TLS certificate: Issued by WE1 on August 8th 2024. Valid for: 3 months.
This is the only time www.ozelsizeozelsubembbva.org.tr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Garanti (Banking) Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 22 | 2606:4700:303... 2606:4700:3033::6815:1074 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 217.68.217.11 217.68.217.11 | 12903 (GARANTI-TECH) (GARANTI-TECH) | |
1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 4 |
ASN13335 (CLOUDFLARENET, US)
www.ozelsizeozelsubembbva.org.tr |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
ozelsizeozelsubembbva.org.tr
1 redirects
www.ozelsizeozelsubembbva.org.tr |
161 KB |
7 |
garantibbva.com.tr
sube.assets.garantibbva.com.tr — Cisco Umbrella Rank: 378215 |
343 KB |
1 |
userstat.net
userstat.net — Cisco Umbrella Rank: 232748 |
662 B |
29 | 3 |
Domain | Requested by | |
---|---|---|
22 | www.ozelsizeozelsubembbva.org.tr |
1 redirects
www.ozelsizeozelsubembbva.org.tr
|
7 | sube.assets.garantibbva.com.tr |
www.ozelsizeozelsubembbva.org.tr
sube.assets.garantibbva.com.tr |
1 | userstat.net |
www.ozelsizeozelsubembbva.org.tr
|
29 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.garantibbva.com.tr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ozelsizeozelsubembbva.org.tr WE1 |
2024-08-08 - 2024-11-06 |
3 months | crt.sh |
sube.assets.garantibbva.com.tr DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-01-04 - 2025-01-03 |
a year | crt.sh |
userstat.net WE1 |
2024-07-17 - 2024-10-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.ozelsizeozelsubembbva.org.tr/
Frame ID: B538D83680FE185D2FE246ACE4AA3179
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Garanti BBVA İnternetPage URL History Show full URLs
-
http://www.ozelsizeozelsubembbva.org.tr/
HTTP 307
https://www.ozelsizeozelsubembbva.org.tr/ Page URL
-
https://www.ozelsizeozelsubembbva.org.tr/cdn-cgi/phish-bypass?atok=KFEBbLKUmMAl.3rcLnXC8rGsf2IdNMvAkJtK7oQZrWc-172329...
HTTP 301
https://www.ozelsizeozelsubembbva.org.tr/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Detaylı bilgi
Search URL Search Domain Scan URL
Title: Detaylı bilgi
Search URL Search Domain Scan URL
Title: Detaylı bilgi
Search URL Search Domain Scan URL
Title: Diğer Yardım Ve Güvenlik
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.ozelsizeozelsubembbva.org.tr/
HTTP 307
https://www.ozelsizeozelsubembbva.org.tr/ Page URL
-
https://www.ozelsizeozelsubembbva.org.tr/cdn-cgi/phish-bypass?atok=KFEBbLKUmMAl.3rcLnXC8rGsf2IdNMvAkJtK7oQZrWc-1723298449-0.0.1.1-%2F
HTTP 301
https://www.ozelsizeozelsubembbva.org.tr/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.ozelsizeozelsubembbva.org.tr/ HTTP 307
- https://www.ozelsizeozelsubembbva.org.tr/
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
www.ozelsizeozelsubembbva.org.tr/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
www.ozelsizeozelsubembbva.org.tr/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
www.ozelsizeozelsubembbva.org.tr/cdn-cgi/images/ |
452 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
www.ozelsizeozelsubembbva.org.tr/ |
31 KB 13 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
www.ozelsizeozelsubembbva.org.tr/ Redirect Chain
|
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
addtohomescreen.css
www.ozelsizeozelsubembbva.org.tr/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ruxitagentjs_ICA2NVfghjqrux_10271230629152232.js
www.ozelsizeozelsubembbva.org.tr/js/ |
221 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pace.css
www.ozelsizeozelsubembbva.org.tr/css/ |
566 B 789 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
firstscreen.css
www.ozelsizeozelsubembbva.org.tr/css/ |
773 B 839 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pace.js
www.ozelsizeozelsubembbva.org.tr/js/ |
12 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr.js
www.ozelsizeozelsubembbva.org.tr/js/ |
31 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mobile-detect.js
www.ozelsizeozelsubembbva.org.tr/js/ |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
application-devices.js
www.ozelsizeozelsubembbva.org.tr/js/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ie.js
www.ozelsizeozelsubembbva.org.tr/js/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-garantibbva.png
www.ozelsizeozelsubembbva.org.tr/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-garantibbva-2x.png
www.ozelsizeozelsubembbva.org.tr/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GT.beta.browser.behaviour.js
www.ozelsizeozelsubembbva.org.tr/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-login.css
sube.assets.garantibbva.com.tr/assets/css/ |
212 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-login-utility.css
sube.assets.garantibbva.com.tr/assets/css/ |
210 KB 45 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gt-facelift-login-style.css
sube.assets.garantibbva.com.tr/assets/css/ |
65 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-garantibbva-2x.png
www.ozelsizeozelsubembbva.org.tr/images/ |
7 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Regular.woff
sube.assets.garantibbva.com.tr/assets/fonts/ |
67 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Light.woff
sube.assets.garantibbva.com.tr/assets/fonts/ |
67 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.woff
sube.assets.garantibbva.com.tr/assets/fonts/ |
38 KB 25 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSansPro-Semibold.woff
sube.assets.garantibbva.com.tr/assets/fonts/ |
67 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
userstat.net/get/ |
129 B 662 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
www.ozelsizeozelsubembbva.org.tr/ |
31 KB 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rb_4d4a1b99-123b-457f-ac83-57a07754aaeb
www.ozelsizeozelsubembbva.org.tr/ |
16 B 480 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rb_4d4a1b99-123b-457f-ac83-57a07754aaeb
www.ozelsizeozelsubembbva.org.tr/ |
16 B 474 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Garanti (Banking) Generic Cloudflare (Online)39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| dT_ object| dtrum object| dynatrace object| paceOptions object| Pace boolean| _ object| Modernizr function| MobileDetect boolean| desktop object| md string| prefix number| _screenwidth string| gua function| getAndroidVersion function| readDeviceOrientation string| STATIC_ASSET_URL_VAR string| CACHE_PARM_CSS_VAR function| setCSS function| detectIE function| typeButtonFix number| window_max_height number| window_max_height_cc number| window_height number| window_max_width number| window_middle_width number| window_width number| taskbar_height function| hideVerticalScroll function| getResizableText function| getIsubeWindowWidth function| getIsubeLoginWindowHeight function| getIsubeCCLoginWindowHeight function| getIsubeWindowHeight function| resizeOnLoadLogout function| resizeOnLoad function| resizeOnLoadLogin function| resizeOnLoadLoginCC function| getElementsByName_iefix function| setOverviewHeight8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.ozelsizeozelsubembbva.org.tr/ | Name: __cf_mw_byp Value: KFEBbLKUmMAl.3rcLnXC8rGsf2IdNMvAkJtK7oQZrWc-1723298449-0.0.1.1-/ |
|
www.ozelsizeozelsubembbva.org.tr/ | Name: PHPSESSID Value: eare4a4pacaro70upeusk5grqa |
|
.ozelsizeozelsubembbva.org.tr/ | Name: dtCookie Value: v_4_srv_-2D68_sn_DN6FO4V47LRM2PFM8MA6EAG9JN3PDLKL |
|
.ozelsizeozelsubembbva.org.tr/ | Name: rxVisitor Value: 1723298453866P3UP5HG52VRCP7JTKOSVVO8P156TCUQ4 |
|
.ozelsizeozelsubembbva.org.tr/ | Name: dtSa Value: - |
|
www.ozelsizeozelsubembbva.org.tr/ | Name: PHPREFS Value: full |
|
.ozelsizeozelsubembbva.org.tr/ | Name: rxvt Value: 1723300255538|1723298453867 |
|
.ozelsizeozelsubembbva.org.tr/ | Name: dtPC Value: -68$98453865_565h-vIPGMJKWKMRMOFUBSJUEFKDRACUUWKRHU-0e0 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sube.assets.garantibbva.com.tr
userstat.net
www.ozelsizeozelsubembbva.org.tr
188.114.97.3
217.68.217.11
2606:4700:3033::6815:1074
0db7e4dcc239c436fca36d8d30dfcfba672f83ae9df63a3b6ea23a80ef8e2c8e
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
1b82aa466e978481cd73c23382706e0a35834830fef6ede2b60cc6faab3c10e7
2aa2e1432f2be7a3d070e94cc564e59bd92edc6b12fc09b1a626a20fea83b092
33e84debacb5ff081e75beb51b979f320e16d3467d81d11724e4ea3cc20537f0
3541db151826636ff9b170b457d6019b1593a62f4782cb2e3846b61ed1bcf60c
4418b7f5ddaa266b8cb2eaa36d1a20bf2a18816f8526f456926190ac27409ef1
464bc5ed6aa582d7ec81c537c2cde24d48fc8c72875c8151de38273ba668fe11
4d05c31802fc851316e0e0587e3b16b4161859f816a529845b1fad9fc84a2399
5602e4c8dcc822cf7fe78d319570e7e5cf43ba8485ff9fc34e56e86edc903023
6da66c35b917c0c1412d98fc3b93c0d414e68ca2c660fbe28923509a5ba73bbf
7d0777cac58dc6055e2e0e6aad20af5f5baf42809035103317719153d8da8971
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82b9725999239869fd9a009c37e2fa116a80349595c8f09d4308b6cffb9b5fb1
82bacd1dfe341ae6a5a28507d2f5d7ef4fcdad9aaf176448ce6f0d312c6b4fe7
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
855e9362ed0f0dca1efd0edb411756ba432fc02d966ac3b0186197fc29e2b037
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
b4abe73a248b9b2983fa297b73d6104f25796410f88e65aca6d860d0d97306cd
d094bf5e2ed17c9d18a11c0490dea66b35ac0f50c5bb63350e28273b710c2e28
da26b747a82a0c1d39ef79a760bf6b53749fc08b8bbefc93379d46d6fd4a7b74
db0b1a9052dca0df2f5d3f3e1d40e383dda4d7aa188525d8188e1d3075f25b59
e464e649382f0b340febadd96d0c42649146f337a20c13b01d6f0fab6a38bd2c
e7fb47db645b6f6c3884e59b8ecd1a3206478e9a27b849d6804e9131f3a710d7
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f79ac9928f4fdc7cb758e936ee5ff677223e62a0146ec993ce694ac861ec34c2
f7a83e3642ca11fbaae82bbcd5a94836701d77479d6580af10a578f2ee17a91f