bayramaozelkampanyakatilim.duckdns.org Open in urlscan Pro
185.221.201.195 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bayramaozelkampanyakatilim.duckdns.org/
Submission: On June 23 via api (June 23rd 2023, 2:57:51 am UTC) from TR — Scanned from NL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 185.221.201.195, located in Netherlands and belongs to ABELOHOST, NL. The main domain is bayramaozelkampanyakatilim.duckdns.org.

This is the only time bayramaozelkampanyakatilim.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Turkish Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
17	185.221.201.195 185.221.201.195	204196 (ABELOHOST) (ABELOHOST)
1 2	185.149.100.222 185.149.100.222	209853 (VERIDYEN ...) (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
22	3

17 185.221.201.195 (Netherlands)

ASN204196 (ABELOHOST, NL)
PTR: benimresimsayfam.net

bayramaozelkampanyakatilim.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.149.100.222 (Izmir, Turkey) 1 redirects

ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR)
PTR: lupin.veridyen.com

www.yazhocam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	duckdns.org bayramaozelkampanyakatilim.duckdns.org	426 KB
4	gstatic.com fonts.gstatic.com	55 KB
2	yazhocam.com 1 redirects www.yazhocam.com	72 KB
22	3

	Domain	Requested by
17	bayramaozelkampanyakatilim.duckdns.org	bayramaozelkampanyakatilim.duckdns.org
4	fonts.gstatic.com	bayramaozelkampanyakatilim.duckdns.org
2	www.yazhocam.com	1 redirects bayramaozelkampanyakatilim.duckdns.org
22	3

This site contains no links.

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://bayramaozelkampanyakatilim.duckdns.org/
Frame ID: AB896BDE3AFD9BD557DE225F38E7BF11
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-Devlet | Aidat İade Sistemi

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

18 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

553 kB
Transfer

549 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.yazhocam.com/wp-content/uploads/2018/02/Beyaz-Arkaplan.jpg HTTP 301
https://www.yazhocam.com/wp-content/uploads/2018/02/Beyaz-Arkaplan.jpg

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bayramaozelkampanyakatilim.duckdns.org/ 7 KB
7 KB 199ms
77ms Document
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache / PHP/5.6.40
Resource Hash: a6ca3b7772d35185d16c07c357d59cafae939dcfa8590e69b8d09afbf7311f7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Jun 2023 02:57:46 GMT
Keep-Alive: timeout=5, max=10000
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c
X-Powered-By: PHP/5.6.40

GET
H/1.1 404
Not Found bootstrap.min.css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 0
0 26ms
26ms Stylesheet
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/bootstrap.min.css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=9999
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found font-awesome.min.css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 0
0 52ms
26ms Stylesheet
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/font-awesome.min.css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=9998
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found flaticon.css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 0
0 53ms
26ms Stylesheet
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/flaticon.css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=10000
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 31 KB
31 KB 53ms
26ms Stylesheet
text/plain 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: 608ff39d81bf3098a9db9aaea1c56c59773d04db4bdb4567500842cc9f1431cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 31432

GET
H/1.1 404
Not Found style.css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 0
0 53ms
27ms Stylesheet
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/style.css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=10000
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found default.css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 0
0 53ms
26ms Stylesheet
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/default.css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=10000
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-3.2.1.min.js.indir Show response
bayramaozelkampanyakatilim.duckdns.org/index_files/ 85 KB
85 KB 105ms
26ms Script
application/javascript 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/jquery-3.2.1.min.js.indir
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 86659

GET
H/1.1 200
OK jquery.creditCardValidator.js.indir Show response
bayramaozelkampanyakatilim.duckdns.org/index_files/ 8 KB
9 KB 107ms
25ms Script
application/javascript 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/jquery.creditCardValidator.js.indir
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 8625

GET
H/1.1 200
OK bootstrap.min(1).css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 163 KB
164 KB 53ms
26ms Stylesheet
text/css 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/bootstrap.min(1).css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: 0a0a376dc5ee222a63ee133b4ae1dc75a8655ae493139aa478d7a0dc64755a39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Upgrade: h2,h2c
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 167154

GET
H/1.1 200
OK font-awesome.min(1).css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 38 KB
38 KB 80ms
26ms Stylesheet
text/css 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/font-awesome.min(1).css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: 2f499490b865ea22b5a1efdeade6d8b977073b0642238b51109cd202167d173e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 38634

GET
H/1.1 200
OK flaticon(1).css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 2 KB
2 KB 79ms
26ms Stylesheet
text/css 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/flaticon(1).css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: b86d0b93e4e11cf1a09e3a7efe97c0faa07a335bd100b85f2ce7655942da1894

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 1638

GET
H/1.1 200
OK style(1).css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 66 KB
66 KB 80ms
27ms Stylesheet
text/css 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/style(1).css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: cb409ca7227f6ea8937b56b2c90284afe4f0596944940317b3fb7bb8444a69b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 67403

GET
H/1.1 200
OK default(1).css
bayramaozelkampanyakatilim.duckdns.org/index_files/ 154 B
396 B 80ms
27ms Stylesheet
text/css 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/default(1).css
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: cbb81f38ee322ed3d62af6bb700def6a6be839b1edafcb6261fc2a78ed4ffdb3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 154

GET
H/1.1 200
OK logo-2.png
bayramaozelkampanyakatilim.duckdns.org/index_files/ 11 KB
11 KB 26ms
25ms Image
image/png 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/logo-2.png
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: 257461ed4d440311ffc7147309e879bc3ea33dc97c7f7cd15e17bc5ab0dd538e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 10879

GET
H/1.1 200
OK creditly.js.indir Show response
bayramaozelkampanyakatilim.duckdns.org/index_files/ 14 KB
14 KB 26ms
26ms Script
application/javascript 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/creditly.js.indir
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: 87f22c41dbcb26bad91fbaf973d978ab76cd68a768ad20b3a3596c9277cb113c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Last-Modified: Mon, 22 Jul 2019 07:20:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 14054

GET
H2

200

Beyaz-Arkaplan.jpg
www.yazhocam.com/wp-content/uploads/2018/02/
Redirect Chain

http://www.yazhocam.com/wp-content/uploads/2018/02/Beyaz-Arkaplan.jpg
https://www.yazhocam.com/wp-content/uploads/2018/02/Beyaz-Arkaplan.jpg

71 KB
71 KB

361ms
179ms

Image
image/jpeg

185.149.100.222
VERIDYEN Veridyen...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yazhocam.com/wp-content/uploads/2018/02/Beyaz-Arkaplan.jpg
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/
Protocol: H2
Server: 185.149.100.222 Izmir, Turkey, ASN209853 (VERIDYEN Veridyen Bilisim Teknolojileri Sanayi ve Ticaret Limited Sirketi, TR),
Reverse DNS: lupin.veridyen.com
Software: /
Resource Hash: 457cac5dccdf4c67de5e139d64507819421bbb252e88951cbabddbee68267699

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Fri, 23 Jun 2023 02:57:47 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 24 Feb 2018 16:44:58 GMT
etag: "11c33-5a91968a-0;;;"
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 72755
expires: Sat, 22 Jun 2024 02:57:47 GMT

Redirect headers

location: https://www.yazhocam.com/wp-content/uploads/2018/02/Beyaz-Arkaplan.jpg
date: Fri, 23 Jun 2023 02:57:46 GMT
referrer-policy: no-referrer-when-downgrade
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html

GET
H/1.1 404
Not Found bg-image.jpeg
bayramaozelkampanyakatilim.duckdns.org/img/ 315 B
315 B 26ms
26ms Image
text/html 185.221.201.195
ABELOHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bayramaozelkampanyakatilim.duckdns.org/img/bg-image.jpeg
Requested by: Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/style(1).css
Protocol: HTTP/1.1
Server: 185.221.201.195 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: benimresimsayfam.net
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://bayramaozelkampanyakatilim.duckdns.org/index_files/style(1).css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 23 Jun 2023 02:57:46 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=9998
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v16/ 14 KB
14 KB 119ms
41ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bayramaozelkampanyakatilim.duckdns.org/
Origin: http://bayramaozelkampanyakatilim.duckdns.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 19:31:22 GMT
x-content-type-options: nosniff
age: 458785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14380
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 19:31:22 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 111ms
33ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bayramaozelkampanyakatilim.duckdns.org/
Origin: http://bayramaozelkampanyakatilim.duckdns.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:06:47 GMT
x-content-type-options: nosniff
age: 467460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15056
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:06:47 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 154ms
77ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bayramaozelkampanyakatilim.duckdns.org/
Origin: http://bayramaozelkampanyakatilim.duckdns.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 15:35:59 GMT
x-content-type-options: nosniff
age: 472908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14880
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 15:35:59 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v16/ 11 KB
11 KB 144ms
69ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: bayramaozelkampanyakatilim.duckdns.org
URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bayramaozelkampanyakatilim.duckdns.org/
Origin: http://bayramaozelkampanyakatilim.duckdns.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:32:02 GMT
x-content-type-options: nosniff
age: 516345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:13:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 03:32:02 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Turkish Government (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/flaticon.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/default.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bayramaozelkampanyakatilim.duckdns.org/index_files/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bayramaozelkampanyakatilim.duckdns.org/img/bg-image.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bayramaozelkampanyakatilim.duckdns.org
fonts.gstatic.com
www.yazhocam.com
185.149.100.222
185.221.201.195
2a00:1450:4001:80e::2003
0a0a376dc5ee222a63ee133b4ae1dc75a8655ae493139aa478d7a0dc64755a39
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
257461ed4d440311ffc7147309e879bc3ea33dc97c7f7cd15e17bc5ab0dd538e
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2f499490b865ea22b5a1efdeade6d8b977073b0642238b51109cd202167d173e
457cac5dccdf4c67de5e139d64507819421bbb252e88951cbabddbee68267699
608ff39d81bf3098a9db9aaea1c56c59773d04db4bdb4567500842cc9f1431cb
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87f22c41dbcb26bad91fbaf973d978ab76cd68a768ad20b3a3596c9277cb113c
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a6ca3b7772d35185d16c07c357d59cafae939dcfa8590e69b8d09afbf7311f7d
b86d0b93e4e11cf1a09e3a7efe97c0faa07a335bd100b85f2ce7655942da1894
c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079
cb409ca7227f6ea8937b56b2c90284afe4f0596944940317b3fb7bb8444a69b2
cbb81f38ee322ed3d62af6bb700def6a6be839b1edafcb6261fc2a78ed4ffdb3
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

bayramaozelkampanyakatilim.duckdns.org Open in urlscan Pro 185.221.201.195 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

18 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

553 kBTransfer

549 kBSize

0 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

bayramaozelkampanyakatilim.duckdns.org Open in urlscan Pro
185.221.201.195 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

18 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

553 kB
Transfer

549 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!