yenibosvurusorgulamazirat.com Open in urlscan Pro
2606:4700:3031::6815:5212 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yenibosvurusorgulamazirat.com/
Submission: On September 05 via api (September 5th 2024, 1:21:58 pm UTC) from TR — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3031::6815:5212, located in United States and belongs to CLOUDFLARENET, US. The main domain is yenibosvurusorgulamazirat.com.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.

This is the only time yenibosvurusorgulamazirat.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	2606:4700:303... 2606:4700:3031::6815:5212		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	1

13 2606:4700:3031::6815:5212 (United States)

ASN13335 (CLOUDFLARENET, US)

yenibosvurusorgulamazirat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	yenibosvurusorgulamazirat.com yenibosvurusorgulamazirat.com	359 KB
13	1

	Domain	Requested by
13	yenibosvurusorgulamazirat.com	yenibosvurusorgulamazirat.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid
yenibosvurusorgulamazirat.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://yenibosvurusorgulamazirat.com/
Frame ID: 9A072BCAB514856EC901521BB60C5474
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hoşgeldiniz | Ziraat Bankası İnternet Bankacılığı

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

359 kB
Transfer

1138 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response yenibosvurusorgulamazirat.com/	20 KB 4 KB	156ms 88ms	Document text/html	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.11 PleskLin Resource Hash `3394feb4d24284607f960a1cda535163c0a7b14a70a7daa4d43ebddf4dd41ed0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8be68664bbf99bb0-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 05 Sep 2024 13:21:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xn6JmoIm7xvqHzhXbxqolMGCfIQYrLtNrjO8%2F5S5xTnOYDU5JZUiiu235JNbF%2FWfxxBejeQi22byqiktW7YRjNqhtQkb%2BtMYjhZ9s7x%2F%2FNIc3LbM%2FLVPoyF369%2F4Awl7b%2FPrE9fLt2H5hmaOQA7ok4zA%2BMDSpGWEQYyA7Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.3.11 PleskLin
GET H3	200	style.css yenibosvurusorgulamazirat.com/dist/	394 KB 57 KB	114ms 112ms	Stylesheet text/css	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/style.css Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `ababd4e85263ecd5eaf2d57edcde9d78695eb7fd71618eb986d43bd6a0bb15a0` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:53 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:42:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66bba929-6298a" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mM18KFkh1jirFphqlnmQdvEbkkSm21Nk83lvF45eQCdqMHV5LEJeY2gBuBHPDa3hnKWl8TQTjR3e7fs%2BjmqIcY2JkdPU9bxtXYTjMOF%2BkNqtOfRnm3RSkVkgB%2Fs3bub35LoTAy8XeH9Zngd1J8T3cWvrAeJCM4wlGXwug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8be686670e909bb0-FRA alt-svc h3=":443"; ma=86400
GET H3	200	b4.css yenibosvurusorgulamazirat.com/dist/	451 KB 58 KB	108ms 107ms	Stylesheet text/css	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/b4.css Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `52f5e806e71c4530c55e1084222514dff46364e0dd111b34b7a4131394a252ae` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:53 GMT content-encoding br cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:43:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66bba948-70c97" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bb6iI7ON%2Bbo8%2FFvzYCrpZ5w9Usd1FfFoiFyWyDTp1Pc3zni5i%2Fzypn5RqHkFdTgfHjUy8ZsmNMvLTVTRe%2BgNGYDfzL1CNrg19rLWc4LpjiLCnPwYrrtEfrGx1zKTn9l74vSfl0HWpIPxD6GOEs36WTIc2f5S%2BEUawEPDaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8be686670e929bb0-FRA alt-svc h3=":443"; ma=86400
GET H3	200	phone.png yenibosvurusorgulamazirat.com/dist/	8 KB 9 KB	95ms 94ms	Image image/png	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yenibosvurusorgulamazirat.com/dist/phone.png Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:53 GMT cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:42:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba928-20ba" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AYi%2B1hgj1CLWZhPJ1JLZzPkl6CEqH1zNQQ7v4%2B8ZDM6yrW2vtMDSQpEctX5wpf9Tg6ANZZU7oyXVfQy0BQqMVmXnbd%2FqMx22dA1J5GD3I6gO4HxR%2BCWrC4ac23Pbq79Q3zkaj8ZNZy4lY8hmUV4K9OiVWj3eT5ODbwwbFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8be686670e969bb0-FRA alt-svc h3=":443"; ma=86400 content-length 8378
GET H3	200	comodo-logo.png yenibosvurusorgulamazirat.com/dist/	6 KB 7 KB	69ms 68ms	Image image/png	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yenibosvurusorgulamazirat.com/dist/comodo-logo.png Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:54 GMT cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:43:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba948-1897" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fyt3Wt%2FLvWC7AeQ8J33wkU%2BHYrJJKXx2MmtRmge9KyINtyl8GdiUb4dm0vCLV6wDZH2cIOOnV7h77dlF2iRgqLczHoeLTpxc2%2BkQGOJaB8WCrMQhmgJO4P%2FjJo06AaJsArLFQmMbHEDIfIloY%2FUzwt24GP6ZREXm304aUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8be68668580b9bb0-FRA alt-svc h3=":443"; ma=86400 content-length 6295
GET H3	200	tool.js Show response yenibosvurusorgulamazirat.com/dist/	45 KB 8 KB	59ms 59ms	Script application/javascript	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/tool.js Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `4a44e73bf3607b6985034ef7b51a0d7bd395523fc52c8bfb75a9c6463391d9c2` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:53 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 13 Aug 2024 18:42:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66bba929-b538" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmFh6X9RMsBfNHs5Bleb37Pyx2VyleoUUFXxNBu0PvU78f6wDb2maGrE2BsLtgU6HzE2LWaZhMgWw7FmLLSlHskb%2Furte1xNeUdMzVpeg19UV9zi%2FR51wyqciCHGbcMF6ovBFUjvdJzLtwGvhmSj%2BdiNYkQAVgwICF7DnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8be686670e979bb0-FRA alt-svc h3=":443"; ma=86400
GET H3	200	login-bg.jpg yenibosvurusorgulamazirat.com/dist/	104 KB 105 KB	69ms 69ms	Image image/jpeg	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://yenibosvurusorgulamazirat.com/dist/login-bg.jpg Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/dist/b4.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82` Request headers Referer https://yenibosvurusorgulamazirat.com/dist/b4.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:54 GMT cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:43:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba93a-1a0dd" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mR3w13R6VXVDYs4uwwvmInzjZO86%2B2pkM24fd%2FGIvh8nCFC33v8sIbPy5wZRvHxMWTK2F1KYNq%2BgkTF1QFKCupExmpk%2FlLviIZ5T%2BswoTwB6Vd7tW0VSOfvExrJrSOmrhWbyI11EU4dDHZQHkDEXbcXYP3anA7a0rxW2iA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8be68668a86f9bb0-FRA alt-svc h3=":443"; ma=86400 content-length 106717
GET H3	200	other2.woff2 yenibosvurusorgulamazirat.com/dist/	13 KB 14 KB	68ms 67ms	Font font/woff2	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/other2.woff2 Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/dist/b4.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544` Request headers Referer https://yenibosvurusorgulamazirat.com/dist/b4.css Origin https://yenibosvurusorgulamazirat.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:54 GMT cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:42:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba928-349c" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2E2ZMlDpOvX%2F3KSOd9oioj7YO4wSFkyiIO%2BomRnm9wsyPsfx1h7aZ0%2FBxf%2B6KoHr1PyeHWbc09hEihyBnwg777cE%2FdcP5pXGVFZ498MrjLGPem3qFCL2ei2RVGQvZ8mJDsvgtORdHMvHtfLnpOeiOcM01zcJp34RRFSig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 8be6866918d09bb0-FRA alt-svc h3=":443"; ma=86400 content-length 13468
GET H3	200	icomoon.woff2 yenibosvurusorgulamazirat.com/dist/	58 KB 59 KB	72ms 71ms	Font font/woff2	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/icomoon.woff2?6e92p9 Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/dist/b4.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f4ef072a430d2b8bd6b0dd6193bb5e110664516125516f65d1ac392f865bafa1` Request headers Referer https://yenibosvurusorgulamazirat.com/dist/b4.css Origin https://yenibosvurusorgulamazirat.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:54 GMT cf-cache-status REVALIDATED last-modified Tue, 13 Aug 2024 18:43:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba939-e844" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qQvRh2lb%2BIp9eGZRzIDZ%2BaLc4OaPrf6PNoBVRcSj%2B574s5eW2GegZe%2BHBHM%2FQPNbBmqE7FELu22hzd9Oyr%2FB5G7w11f24IAVGDyBU%2Bk5kcaLpjGW0kqB%2B8OveOnTjyxtO1%2Fz1%2FQk7H4NzYFcy2ygOAv4ZOMDx0FX7pDfQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 8be6866918dc9bb0-FRA alt-svc h3=":443"; ma=86400 content-length 59460
GET H3	200	other.woff2 yenibosvurusorgulamazirat.com/dist/	13 KB 14 KB	75ms 75ms	Font font/woff2	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/other.woff2 Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/dist/b4.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472` Request headers Referer https://yenibosvurusorgulamazirat.com/dist/b4.css Origin https://yenibosvurusorgulamazirat.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:54 GMT cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:42:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba928-34a4" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BcyySfoMC9fDUnXIKbPzLondzj8A0csrsACankJMa%2BIoAWEN8WQcdB2Uze2RAPPMhyoLq7e0XTLmJHrQ52TDTDsX9UBEl3WwVRNhimGfVaT2cSdDOC5SJ%2BC8RnnT8n9RaOMPQrctGlGoGzMlb4oHdmy7wMr6h2AbV3mQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 8be6866918dd9bb0-FRA alt-svc h3=":443"; ma=86400 content-length 13476
GET H3	200	touch_icon.png yenibosvurusorgulamazirat.com/dist/	24 KB 25 KB	98ms 97ms	Other image/png	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/dist/touch_icon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Thu, 05 Sep 2024 13:21:54 GMT cf-cache-status MISS last-modified Tue, 13 Aug 2024 18:42:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66bba92a-6066" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TE9ndQXhfxAKkrqf%2B2gfC1pG43j4IbotFAZtH9ue6P3%2FwSYUGMi8xzJERslqzF3i2QSprMy%2BbmV4k3WZLE17xcSiLU7kwwA5EjBmAg46008Ud4FgO1Q5POZY4VHBD9qGhLaVyaMrbmME%2FyblgqHesBF%2B72ypLUajNpoEOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8be6866b0b0d9bb0-FRA alt-svc h3=":443"; ma=86400 content-length 24678
POST H3	404	fakesocket.php Show response yenibosvurusorgulamazirat.com/	16 B 472 B	57ms 49ms	Fetch text/html	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/fakesocket.php Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/dist/tool.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.11 Resource Hash `8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 05 Sep 2024 13:21:54 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.3.11 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXrF6CPDN%2B84uRzdHYOhhCGzDNRabnsqrTft9PdtZdwQumsb0TKL7IWfJLjjt1UY13RvnUu6p9GtMyPpEGS4yb4QPKflsSS6ZF4WeUvlI7aHKsBvpnoZ%2F9Vj9AvWrexHLFbujnh5dadeJr%2BnLbQTdgWYI6jGbVygGRkVMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8be6866bcbf49bb0-FRA alt-svc h3=":443"; ma=86400
POST H3	404	fakesocket.php Show response yenibosvurusorgulamazirat.com/	16 B 475 B	58ms 57ms	Fetch text/html	2606:4700:3031::6815:5212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yenibosvurusorgulamazirat.com/fakesocket.php Requested by Host: yenibosvurusorgulamazirat.com URL: https://yenibosvurusorgulamazirat.com/dist/tool.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:5212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.11 Resource Hash `8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41` Request headers Referer https://yenibosvurusorgulamazirat.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 05 Sep 2024 13:21:57 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.3.11 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9Lfh5BrDIlVPa1gGxFNEGicz9a2JScjnGOkzTT0LDb5CBgWNzWgel6Fza524NtYxuLOjAXqzVUzLP8ZgdKVA09nkhnUlVTyJDhx%2FTaHKqPUINHzw%2FcqbFZBQ5OWqBK7RjYAkfk%2B%2FWik6mUkomYdzhlCydI4tP7uXZx9rg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8be6867e79989bb0-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yenibosvurusorgulamazirat.com/fakesocket.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yenibosvurusorgulamazirat.com/fakesocket.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

yenibosvurusorgulamazirat.com
2606:4700:3031::6815:5212
2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544
3394feb4d24284607f960a1cda535163c0a7b14a70a7daa4d43ebddf4dd41ed0
3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166
4a44e73bf3607b6985034ef7b51a0d7bd395523fc52c8bfb75a9c6463391d9c2
52f5e806e71c4530c55e1084222514dff46364e0dd111b34b7a4131394a252ae
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89
87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
ababd4e85263ecd5eaf2d57edcde9d78695eb7fd71618eb986d43bd6a0bb15a0
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077
f4ef072a430d2b8bd6b0dd6193bb5e110664516125516f65d1ac392f865bafa1

yenibosvurusorgulamazirat.com Open in urlscan Pro 2606:4700:3031::6815:5212 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

359 kBTransfer

1138 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

yenibosvurusorgulamazirat.com Open in urlscan Pro
2606:4700:3031::6815:5212 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

359 kB
Transfer

1138 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!