Submitted URL: http://enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
Effective URL: https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
Submission: On July 02 via automatic, source openphish

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main IP is 185.8.128.46, located in Turkey and belonging to ALASTYR, TR. The main domain is www.enerjiizmir.com.
TLS certificate: Issued by R3 on May 31st 2021. Valid for: 3 months.
This is the only time www.enerjiizmir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 2 185.8.128.46 | 3188 (ALASTYR)
1 85.95.241.15 | 206991 (IXIR)
2 2

Apex Domain | Subdomains | Transfer
2 enerjiizmir.com | enerjiizmir.com, www.enerjiizmir.com | 1003 B
1 yurtyazilimi.com | yurtyazilimi.com | 974 B
2 2

Domain | Requested by
1 yurtyazilimi.com | www.enerjiizmir.com
1 www.enerjiizmir.com |
1 enerjiizmir.com | 1 redirects
2 3

This site contains no links.

Subject | Issuer | Validity | Valid
enerjiizmir.com | R3 | 2021-05-31 - 2021-08-29 | 3 months (crt.sh)
*.yurtyazilimi.com | R3 | 2021-06-04 - 2021-09-02 | 3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
Frame ID: 5604D7771A2BA59392A6EFF0D2BFA43C
Requests: 1 HTTP requests in this frame

Frame: https://yurtyazilimi.com/DIR_LOGIN_ERROR/%EF%BF%BD/iny%EF%BF%BD%EF%BF%BD%07r%EF%BF%BD/%EF%BF%BDi=%EF%BF%BDg%EF%BF%BDq%EF%BF%BDi%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDX%EF%BF%BD
Frame ID: 483D2B08414A60E7FA88DB6F07C11459
Requests: 1 HTTP requests in this frame

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

LiteSpeed (overall confidence: 100%)
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 2 kB
Size: 1 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb HTTP 301
    https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource: acces.php (Primary Request)
Path: www.enerjiizmir.com/
Redirect Chain:
  • http://enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
  • https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
Size: 518 B
x-fer: 697 B
Type: Document

General
Full URL: https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.8.128.46, Turkey, ASN3188 (ALASTYR, TR)
Reverse DNS: urania.alastyr.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 1233a86ab859d245eaf60e295acba2ef40e55ab9e5ad65952e55270d35919a4c

Request headers

:method: GET
:authority: www.enerjiizmir.com
:scheme: https
:path: /acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
content-length: 403
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Jul 2021 14:02:18 GMT
server: LiteSpeed
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 02 Jul 2021 14:02:18 GMT
server: LiteSpeed
location: https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
vary: User-Agent

Resource: %EF%BF%BDi=%EF%BF%BDg%EF%BF%BDq%EF%BF%BDi%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDX%EF%BF%BD
Path: yurtyazilimi.com/DIR_LOGIN_ERROR/%EF%BF%BD/iny%EF%BF%BD%EF%BF%BD%07r%EF%BF%BD/ (Frame 483D)
Size: 708 B
x-fer: 974 B
Type: Document

General
Full URL: https://yurtyazilimi.com/DIR_LOGIN_ERROR/%EF%BF%BD/iny%EF%BF%BD%EF%BF%BD%07r%EF%BF%BD/%EF%BF%BDi=%EF%BF%BDg%EF%BF%BDq%EF%BF%BDi%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDX%EF%BF%BD
Requested by:
  Host: www.enerjiizmir.com
  URL: https://www.enerjiizmir.com/acces.php?url=ly9pbnn0ywdyyw0vp2k9jmftcdtppvrawlji&pnkbb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.95.241.15, Turkey, ASN206991 (IXIR, TR)
Reverse DNS: ns1.ankara-web.net
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

:method: GET
:authority: yurtyazilimi.com
:scheme: https
:path: /DIR_LOGIN_ERROR/%EF%BF%BD/iny%EF%BF%BD%EF%BF%BD%07r%EF%BF%BD/%EF%BF%BDi=%EF%BF%BDg%EF%BF%BDq%EF%BF%BDi%EF%BF%BD%EF%BF%BD%EF%BF%BD%EF%BF%BDX%EF%BF%BD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: frame
referer: https://www.enerjiizmir.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.enerjiizmir.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Fri, 02 Jul 2021 14:02:22 GMT
vary: User-Agent
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Verdicts & Comments

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • object: onbeforexrselect
  • object: ontransitionrun
  • object: ontransitionstart
  • object: ontransitioncancel
  • object: cookieStore
  • function: showDirectoryPicker
  • function: showOpenFilePicker
  • function: showSaveFilePicker
  • boolean: originAgentCluster
  • object: trustedTypes
  • boolean: crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.