nufusehliyetsorgulama3.xyz Open in urlscan Pro
2606:4700:3031::6815:40a1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nufusehliyetsorgulama3.xyz/
Effective URL:
https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Submission: On August 23 via automatic, source openphish (August 23rd 2024, 2:24:14 pm UTC) — Scanned from DE

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3031::6815:40a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is nufusehliyetsorgulama3.xyz.
TLS certificate: Issued by WE1 on August 17th 2024. Valid for: 3 months.

This is the only time nufusehliyetsorgulama3.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700:303... 2606:4700:3031::6815:40a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	31.3.2.116 31.3.2.116	21245 (MEDIANOVA...) (MEDIANOVA-CDN)
24	2

18 2606:4700:3031::6815:40a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nufusehliyetsorgulama3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 31.3.2.116 (Frankfurt am Main, Germany)

ASN21245 (MEDIANOVA-CDN, TR)

cdn.e-devlet.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nufusehliyetsorgulama3.xyz 1 redirects nufusehliyetsorgulama3.xyz	169 KB
7	e-devlet.gov.tr cdn.e-devlet.gov.tr — Cisco Umbrella Rank: 116811	96 KB
24	2

	Domain	Requested by
18	nufusehliyetsorgulama3.xyz	1 redirects nufusehliyetsorgulama3.xyz
7	cdn.e-devlet.gov.tr	nufusehliyetsorgulama3.xyz
24	2

This site contains links to these domains. Also see Links.

Domain
youtu.be

Subject Issuer	Validity	Valid
nufusehliyetsorgulama3.xyz WE1	`2024-08-17` - `2024-11-15`	3 months	crt.sh
cdn.e-devlet.gov.tr GlobalSign RSA OV SSL CA 2018	`2024-02-22` - `2025-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Frame ID: 4023B6304C92703EBD64D6215237DD0C
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-Devlet Kapısı

Page URL History Show full URLs

https://nufusehliyetsorgulama3.xyz/ Page URL
https://nufusehliyetsorgulama3.xyz/cdn-cgi/phish-bypass?atok=_Ype6Sq26H0yeGhTNo5EELur_y7nnsvFOMXPltRw09s-172442... HTTP 301
https://nufusehliyetsorgulama3.xyz/ Page URL
https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

265 kB
Transfer

457 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youtu.be/tiGuD_X0QNE?list=RDtiGuD_X0QNE
Title: Hızlı Çözüm Merkezi

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nufusehliyetsorgulama3.xyz/ Page URL
https://nufusehliyetsorgulama3.xyz/cdn-cgi/phish-bypass?atok=_Ype6Sq26H0yeGhTNo5EELur_y7nnsvFOMXPltRw09s-1724423044-0.0.1.1-%2F HTTP 301
https://nufusehliyetsorgulama3.xyz/ Page URL
https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://nufusehliyetsorgulama3.xyz/cdn-cgi/phish-bypass?atok=_Ype6Sq26H0yeGhTNo5EELur_y7nnsvFOMXPltRw09s-1724423044-0.0.1.1-%2F HTTP 301
https://nufusehliyetsorgulama3.xyz/

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
nufusehliyetsorgulama3.xyz/ 4 KB
2 KB 123ms
17ms Document
text/html 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nufusehliyetsorgulama3.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5493848ad3f06e914a2a4d006fa22878e2854e99375a387be5b313693f20eca9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-ray: 8b7bc39ecd8e9ffc-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 23 Aug 2024 14:24:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyOrKkZigw5bf6l0oUGQm7OaDrSHFQIBAVzdDPh3eOKuFB7YiI0LHbttWUAw%2B20W0CA0L3DzNE7opfA3BT3cWM2isQ3HeiAQChBDOFGjt2mTUNdncRIX6kG9S%2FE%2FWieCbgqIgCaQgPR6TNUXPPcw50HTsxGkT2omVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
nufusehliyetsorgulama3.xyz/cdn-cgi/styles/ 23 KB
5 KB 15ms
15ms Stylesheet
text/css 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nufusehliyetsorgulama3.xyz/cdn-cgi/styles/cf.errors.css

Requested by

Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 12:07:35 GMT
server: cloudflare
etag: W/"66c5d887-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8b7bc39eedc09ffc-AMS
expires: Fri, 23 Aug 2024 16:24:04 GMT

GET
H2 200 icon-exclamation.png
nufusehliyetsorgulama3.xyz/cdn-cgi/images/ 452 B
541 B 15ms
15ms Image
image/png 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nufusehliyetsorgulama3.xyz/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 12:07:35 GMT
server: cloudflare
etag: "66c5d887-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8b7bc39f0deb9ffc-AMS
content-length: 452
expires: Fri, 23 Aug 2024 16:24:04 GMT

GET
H2 404 favicon.ico
nufusehliyetsorgulama3.xyz/ 584 B
723 B 334ms
334ms Other
text/html 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:05 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhP%2BGaE%2FilkFoxQLpDxr%2B7d6PQvgt%2FRQmkCJmcuoSsXAFwypfbKTkHtXNml5kLHjSgD4WmkApH1OHduJZwgquZYJKNyWVnyQtiY0FycyGD7KQR251KgeHT6m7oqMMDccrz0ExpaT%2F2jKQNswf82IB0Y5xlGtqzrKqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b7bc39f9ec69ffc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2

200

/
nufusehliyetsorgulama3.xyz/
Redirect Chain

https://nufusehliyetsorgulama3.xyz/cdn-cgi/phish-bypass?atok=_Ype6Sq26H0yeGhTNo5EELur_y7nnsvFOMXPltRw09s-1724423044-0.0.1.1-%2F
https://nufusehliyetsorgulama3.xyz/

135 B
460 B

344ms
344ms

Document
text/html

2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b7bc3b69c309ffc-AMS
content-encoding: br
content-type: text/html
date: Fri, 23 Aug 2024 14:24:09 GMT
last-modified: Sat, 17 Aug 2024 10:51:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjXCbujLTcUH4ChfupKLHkvBqeRzSBOMcNAKRAS2KuW31xeuuBC6St64O2jLxp%2BW%2BY5XYuaJKvvKZPgVwvPkRI4Ah3xg%2FcHmp%2F1JtVxQ2lLTIi68nqYrQ5cFCzxNKBTA4%2B02vo8GtAnYsQgTdHs9O9m7289l%2F3RYTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: private, no-cache
cf-ray: 8b7bc3b67c0e9ffc-AMS
content-length: 167
content-type: text/html
date: Fri, 23 Aug 2024 14:24:08 GMT
location: https://nufusehliyetsorgulama3.xyz/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 Primary Request gir.html Show response
nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/ 15 KB
5 KB 346ms
346ms Document
text/html 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ec3b4dde16d933d2db6051057056a44b40c66f8fb4bcf569dcf5881cb73874

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b7bc3b8e98b96fe-AMS
content-encoding: br
content-type: text/html
date: Fri, 23 Aug 2024 14:24:09 GMT
last-modified: Sat, 17 Aug 2024 10:52:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hkTbDgTThc3ESSLltS3fO4CBWmcND86hhd%2F4pGFpYWTsHz5hHYo8vXF4Bo8HUuaP3zfvkzFCgFyrzFxb7s6KEs7S1Nkd%2BU9AzLMHEHiHraq8KtYhZog0RYgEn4WzAIGCFyzYADqiKlWjsDerjp56bnW9mf%2BbBdNlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 login-main.1.9.5.css
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/ 48 KB
12 KB 357ms
357ms Stylesheet
text/css 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9aae4ae41200ef91d0067e7dba43f73ea704cc3e0fb749c02af5ee29d445c29

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2pV59d1Ras2nEc7i610MBLsZzHntbc0%2F2snWwDb%2Bj3RUJagJjeqS%2FjzUx8tm76JQjXVXiFzJg4wcWQ8inv2cVtd36n%2BWxnK%2FKYe8KI6lXqKdcEf9jS4o6eg12Sn%2B1BqSP4%2BXamapE0SYhfRmE3iGaXloMYqMopQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b7bc3bb1c1d96fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11482

GET
H3 200 edk-logo.png
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/images/login/ 10 KB
11 KB 360ms
355ms Image
image/png 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/images/login/edk-logo.png
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7db1afe2e727172c7166f0a97d583a595481ddc6e3a6d1a9e51d854dab3f2344

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FcUHTNxRYvPeF8x03U57Cj%2B807Jp%2BrOOzNpDQ677xuT0W6mMAwGC%2F7Z0LEcvzvDFuCrvci076IKg4UtiBLrB32Zy8s%2BkCCocJCwYMOJu1nx3n7s0hZFNPBMneaqgrFDYvbYb6CqB8x4j6nUBlYofI%2Fiawn9gSJ67g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b7bc3bb2c2896fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10604

GET
H3 200 1.png
nufusehliyetsorgulama3.xyz/bebe/themes/istanbul/images/agencies/ 2 KB
2 KB 381ms
380ms Image
image/png 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/istanbul/images/agencies/1.png
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0urbUoLzWd7DviHX2RzPBrJkO3kOP0ng7vyFJL7rr%2BgW4Sh%2BPtWjVw1fgRYRu7rkRy2KeGtzL33Zw6dJmwAM2O99T6%2FQz4rPgClsiMF1JoKVLi0kUtOVRiTr9v5%2BYvoCWdbuzQMvCsZeN9faEBXZILbzZclYQAiHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b7bc3bb2c3896fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1855

GET
H3 200 DDO-logo.png
nufusehliyetsorgulama3.xyz/bebe/themes/nevsehir/images/ 12 KB
12 KB 372ms
367ms Image
image/png 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/nevsehir/images/DDO-logo.png
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae42dd0054dbd0953f55d387bf0f1e10ae51646a3f7b83203d60b4d855bc1d2

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gCgluz8cwTWMw3%2FUIvKZ3cn%2FPkGohnfypEUzJet2M5Bjgt3PlPCsPNVZcQejaz9E%2FrNpabU3hgsUFYA63vR97g%2FWUZSU%2FI2jZErR7TZkeMTA45enRM7XL4bZaKcwi91AlrMiDbcS%2BTEESKbZCrJ9rb5COwYQmlYFKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b7bc3bb2c2f96fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11864

GET
H3 200 common.1.9.5.js Show response
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/ 149 KB
62 KB 337ms
336ms Script
application/javascript 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/common.1.9.5.js
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf6926c380dac1db8cb4a77b65f5135ed8ef4fc8d3d4f7a21a5d466bf2634e3

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fd7lXEGqJSBs1uYTHW52QxWdOQXbHm3XH9sde%2Bkq0shcthukAag799eFC7yiBnVD0278TMge1hOWf2SDqyki8bEK%2FjCCXJfudo1kT2otBa24K8tgDMhLGvhRvRsr%2Bd%2Fi1nkMNIMZLnFTjbAybOups2QH2t5ox1F6mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b7bc3bb2c3196fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.jcryption.1.9.5.js Show response
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/ 65 KB
25 KB 379ms
378ms Script
application/javascript 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/jquery.jcryption.1.9.5.js
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10cea3887f0a3cf60d9fc06e809594d051c37563e2d3d8e8548f86d225fef398

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUqzd6jIRfxqfdOYQv3V6vAhVMC6IdNfizuI7tj9htzL4u9AXgUFKN%2FuWcFN%2B7r7rLP27clx0YMvvyKxNwBBF0iTW25VPWrIKR8RJiMw4lkyXxs3kWzN4p29LoHEIfV74KgrWwAnsMyYCw4aOxgGVBTv%2FsD6kp3G%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b7bc3bb2c3396fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 edk-giris.1.9.5.js Show response
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/ 8 KB
4 KB 380ms
380ms Script
application/javascript 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/edk-giris.1.9.5.js
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e36ae23ad2061185e1afec83801772dd62209a32b6120f892e9ad0657845c46f

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 17 Aug 2024 10:52:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQax0%2BELjX9W89zWT8%2BdgUQpqLtCdzVvhkrteUeUJwJTVejqJBWx2stoswkM2iosmSp7eISPo2cJ72xhtspcqvXZB3UfexLXBloMnpZslAw0cvTD2foH3uLxcFUXeScDP%2FDpxVByvFHUBW9hJZmcvaqUCquluoMpOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b7bc3bb2c3696fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 3315

GET
H2 200 P5sBzZCDf9_T_1Wi4TRDrZKF09E3.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 9 KB
10 KB 399ms
21ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-237
x-mnrequest-id: a33f8c1c605b9e95d8d72a557f07f1ad
x-edge-location: DE-372
etag: W/"6405ea6b-2564"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: MNCDN-2137
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCFuj5-v.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 9 KB
10 KB 394ms
18ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10ZxCFuj5-v.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: 7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-237
x-mnrequest-id: a11434d3082348dda2963ad2af9c7693
x-edge-location: DE-372
etag: W/"6405ea6b-2584"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 edkicon.180.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/grs-icon/ 7 KB
8 KB 397ms
21ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/grs-icon/edkicon.180.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: 285c09a437dae1191b7861695dce9653b83b3ce967b898415afe9b748268ad31

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Fri, 16 Aug 2024 12:22:55 GMT
server: MNCDN-237
x-mnrequest-id: 194d4d222d444b69bb5590fd3af31701
x-edge-location: DE-372
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sCzZCDf9_T_10c9CNkiL2t2dk.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 10 KB
10 KB 408ms
28ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9CNkiL2t2dk.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: ad13b3fe0d7ffedfef7b0495f001577ceafcf0da1691cccd060ce8171137e7b7

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-237
x-mnrequest-id: 085a2f13aff358b813cb6f7647ea12fe
x-edge-location: DE-372
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 19 KB
19 KB 394ms
18ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: baa4939ce5526f6345842e8324ea0a248d0e139eef54fe377492fd44a79803a5

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-237
x-mnrequest-id: aa11bdbe900ffe121518a8efcb78b8cd
x-edge-location: DE-372
etag: W/"6405ea6b-4ac4"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: MNCDN-2137
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sMzZCDf9_T_10XxCFuj5-v6dg.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 19 KB
19 KB 383ms
7ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10XxCFuj5-v6dg.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: 1f634d0016221534cb3f7a6f0a369972d44cb2b5f7b5b17c70144be47791c882

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-237
x-mnrequest-id: 604e210f59e9b4438735f4e1cb0f1757
x-edge-location: DE-372
etag: W/"6405ea6b-4a4c"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.180.woff2
cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/ 20 KB
20 KB 383ms
7ms Font
application/octet-stream 31.3.2.116
MEDIANOVA-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.e-devlet.gov.tr/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.180.woff2
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/css/login-main.1.9.5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.3.2.116 Frankfurt am Main, Germany, ASN21245 (MEDIANOVA-CDN, TR),
Reverse DNS
Software: MNCDN-237 /
Resource Hash: 9c6e2b09ac19fe1395ca10c2872f9b132eb136faedb9bd7896779453497fec87

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/
Origin: https://nufusehliyetsorgulama3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
last-modified: Mon, 06 Mar 2023 13:28:11 GMT
server: MNCDN-237
x-mnrequest-id: df0073261325efc80874605cf7c440ca
x-edge-location: DE-372
etag: W/"6405ea6b-4f94"
x-cache-status: Edge : HIT,
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=7776000
x-mserver: DE-372
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 404 common_messages_tr.1.9.5.js
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/ 0
0 364ms
359ms Script
text/html 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/common_messages_tr.1.9.5.js
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/common.1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYsE4BmQ1xP2psGMA%2FsLMc3ZmdXZ4ciaOb%2BUbR9pYhanjh4SUZjfeBYG%2FElHBx%2BpITd%2FHNXGPR0hg9S7ezHpVATE6B99uvVcjrhVaXucoWTMTRPGwgJq8ug7ggbBmlosmVkqkfGwxmd9eJL0HnJmcq2aLfyTcwuApA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b7bc3bdbf7d96fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 login_messages_tr.1.9.5.js
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/ 0
0 353ms
352ms Script
text/html 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/login_messages_tr.1.9.5.js
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/common.1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Meds5cvMIDCOGRzwKwiFvtYNu74y%2F4skwkf%2FIuyykhGuKAtOJtuXa8u2MxBAPckyIAWO4EWI589AKxOVaCbvNdkM2gsjM95BhOSzEtX8hSZ2qZSz5KgForrUteb2lPtYyPtcMkgOezBK7gsBw0%2BJR1HvAMuZxO2dMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8b7bc3bdbf8096fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 CryptoServlet Show response
nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/ 583 B
769 B 227ms
224ms XHR
text/html 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/CryptoServlet?generateKeyPair=true&pn=%2Fsurucubelgesi%2FGiris%2Fgir.html&ajax=1&token=
Requested by: Host: nufusehliyetsorgulama3.xyz
URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/common.1.9.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Mar 2022 21:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSpEM5CfIfOtcJGlS7Ww5bxor%2BdhbnHFHSPEdYcNKX3a0p5JSVybx9nopvy2TedG7d78reOYhBnIvxU5k3CZYozfG6IIqYzVDTLmmK3b2G1x1X4g%2BBZwlELC0ES7Q%2FqlAsyKee4o8UHmaPgBjXHsOsAwQXF2VUIKNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8b7bc3bdcf8796fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon-196x196.png
nufusehliyetsorgulama3.xyz/bebe/themes/izmir/images/favicons/ 26 KB
27 KB 38ms
37ms Other
image/png 2606:4700:3031::6815:40a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/images/favicons/favicon-196x196.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe

Request headers

Referer: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/gir.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:24:10 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Aug 2024 10:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3526
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkvnNBouIAo264%2Fvfqy3QTk1XAmBExMP8XTH9FvqB63wwS2470P6OmWfwPa13ewY3UxFbnDmSpQuLKGdsxeiDSTF9UhSyJ%2FRjeNooLb4pXf7%2FU0co7Elg5HPKtansGaMR%2FIlxjhhb2Ug9O0P7%2B%2BVOUDispq1dYjz2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b7bc3c14c4696fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 27074

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nufusehliyetsorgulama3.xyz/	1970-01-20 23:01:49	Name: __cf_mw_byp Value: _Ype6Sq26H0yeGhTNo5EELur_y7nnsvFOMXPltRw09s-1724423044-0.0.1.1-/

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nufusehliyetsorgulama3.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nufusehliyetsorgulama3.xyz/surucubelgesi/Giris/CryptoServlet?generateKeyPair=true&pn=%2Fsurucubelgesi%2FGiris%2Fgir.html&ajax=1&token= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/login_messages_tr.1.9.5.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nufusehliyetsorgulama3.xyz/bebe/themes/izmir/js/es/common_messages_tr.1.9.5.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.e-devlet.gov.tr
nufusehliyetsorgulama3.xyz
2606:4700:3031::6815:40a1
31.3.2.116
0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5
10cea3887f0a3cf60d9fc06e809594d051c37563e2d3d8e8548f86d225fef398
1f634d0016221534cb3f7a6f0a369972d44cb2b5f7b5b17c70144be47791c882
285c09a437dae1191b7861695dce9653b83b3ce967b898415afe9b748268ad31
3bf5e5ca85ce6ad688a371a2d67d083c0be0dc4200bb39ddd125de745d9fdff5
5493848ad3f06e914a2a4d006fa22878e2854e99375a387be5b313693f20eca9
59ec3b4dde16d933d2db6051057056a44b40c66f8fb4bcf569dcf5881cb73874
7d79596300bbb0d5208efbeb996a0dd57030fb5bed5f8d1ec3e909054c41ec72
7db1afe2e727172c7166f0a97d583a595481ddc6e3a6d1a9e51d854dab3f2344
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9c6e2b09ac19fe1395ca10c2872f9b132eb136faedb9bd7896779453497fec87
9cf6926c380dac1db8cb4a77b65f5135ed8ef4fc8d3d4f7a21a5d466bf2634e3
ad13b3fe0d7ffedfef7b0495f001577ceafcf0da1691cccd060ce8171137e7b7
b1fd7ed49a8246ec384c86e59d428c8ab8bbcbb247eaa0f8866d92f47ce7b6f5
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18
baa4939ce5526f6345842e8324ea0a248d0e139eef54fe377492fd44a79803a5
d9aae4ae41200ef91d0067e7dba43f73ea704cc3e0fb749c02af5ee29d445c29
dae42dd0054dbd0953f55d387bf0f1e10ae51646a3f7b83203d60b4d855bc1d2
e36ae23ad2061185e1afec83801772dd62209a32b6120f892e9ad0657845c46f
eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

nufusehliyetsorgulama3.xyz Open in urlscan Pro 2606:4700:3031::6815:40a1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

265 kBTransfer

457 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

44 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

nufusehliyetsorgulama3.xyz Open in urlscan Pro
2606:4700:3031::6815:40a1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

265 kB
Transfer

457 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!