segurosclick.info
2606:4700:3033::6815:178e  Malicious Activity! Public Scan

Submitted URL: https://segurosclick.info/
Effective URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Submission: On March 21 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 18 HTTP transactions. The main IP is 2606:4700:3033::6815:178e, located in United States and belongs to CLOUDFLARENET, US. The main domain is segurosclick.info.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.
This is the only time segurosclick.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garanti (Banking)

Domain & IP information

IP Address AS Autonomous System
1 19 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
18 2
Apex Domain
Subdomains
Transfer
20 segurosclick.info
segurosclick.info
296 KB
18 1
Domain Requested by
20 segurosclick.info 2 redirects segurosclick.info
18 1

This site contains no links.

Subject            Issuer      Validity                  Valid
segurosclick.info  GTS CA 1P5  2024-02-14 - 2024-05-14   3 months

This page contains 1 frames:

Primary Page: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Frame ID: 383CF5B0B776B28D5D74ABBEF5D91C7F
Requests: 19 HTTP requests in this frame

Page Title

Garanti BBVA İnternet

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

18 Requests
100 % HTTPS
100 % IPv6
1 Domains
1 Subdomains
2 IPs
1 Countries
294 kB Transfer
775 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://segurosclick.info/ HTTP 302
    http://segurosclick.info/isube/login/login/passwordentrypersonal-tr HTTP 301
    https://segurosclick.info/isube/login/login/passwordentrypersonal-tr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
Primary Request passwordentrypersonal-tr
segurosclick.info/isube/login/login/
Redirect Chain
  • https://segurosclick.info/
  • http://segurosclick.info/isube/login/login/passwordentrypersonal-tr
  • https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
21 KB
5 KB
Document
General
Full URL
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8438ab30f6dba4653de64b6adcc4382b93ab9bac9973d9367b70b4c15624226

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
867eebefcd244bcd-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 21 Mar 2024 15:19:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1uaZXBkIxDqIPFsGEeFVt5UIcPJx%2B14vG4FOAbXRciulMCHKcnlhsOAzlt20diwjvUPI3dTAYJHLzZRl6y24D9qXT1b%2FJ8%2BShhkSJyj0XRveC5hqjt%2FY8VX%2FoRxV9BkgcGflT0ejUpIGXc7dU3YbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
867eebee2b4b4bc3-BUF
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 21 Mar 2024 15:19:40 GMT
Location
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7wgHnMAn%2FKKL81GpBx4HqVZxCHojrtAsy2PZ5wk6xtQqLLZcAUg7BQfuU2fZtgE906eWjxzwa6wYcZtKCjI9bVxxG3ZeDk151PPdjgLXXO6zxdlDOJKS1vSzHZVbALtZXHvIyiAx9WQDv5EjQxfAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
addtohomescreenaad4.css
segurosclick.info/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://segurosclick.info/assets/css/addtohomescreenaad4.css?__ctst__=1678932104732
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e464e649382f0b340febadd96d0c42649146f337a20c13b01d6f0fab6a38bd2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 08:28:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBR8eNV5Pg2vFPBWZ%2FTqOYzv7zx2JYvPqtcMFIsT2eYmR9mmU2JSQ%2BtQKNS6AYXnOd78p9aPhMemYyZ60CxYZBE9g3yp6zGYrKxoZkcmot3hzd3yCGJy6l%2F1O4YGKVZXavVpNkN6CymK6xh60MN7rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867eebf49ea84bcf-BUF
alt-svc
h3=":443"; ma=86400
pace.css
segurosclick.info/assets/css/
566 B
675 B
Stylesheet
General
Full URL
https://segurosclick.info/assets/css/pace.css
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b82aa466e978481cd73c23382706e0a35834830fef6ede2b60cc6faab3c10e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:03:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJNqZsbjgZ3QWemwzYLMxhF0GNQABBPCHcjlDuVsHiTmUULsduqVKNI%2FenqH4CCiY4LLgPjR%2FnTGfG45s89McEhLt82YhRR1XUTNjJIhZB7%2BNvQ1pAfn6u5a3aTK6iEzmTX55R%2BaVxYxB1%2BEp93P1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867eebf49eaa4bcf-BUF
alt-svc
h3=":443"; ma=86400
firstscreen.css
segurosclick.info/assets/css/
773 B
766 B
Stylesheet
General
Full URL
https://segurosclick.info/assets/css/firstscreen.css
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0777cac58dc6055e2e0e6aad20af5f5baf42809035103317719153d8da8971

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:04:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F61t%2Bo7oauIZhHd2fNQ%2Flko5uvK2yPxCR6aI1ET5%2B4B88chQLBceciQVl7DyYeeM3N2vCF2co5qIh6frXDFZS3%2BZhUBlyKxU2FG%2FuyS2yB%2BuMVWnVwy4gply9U0vxIgNz9IfZbjWwobuNJ6rudXfiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867eebf49eab4bcf-BUF
alt-svc
h3=":443"; ma=86400
pace.js
segurosclick.info/assets/js/
12 KB
5 KB
Script
General
Full URL
https://segurosclick.info/assets/js/pace.js
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5602e4c8dcc822cf7fe78d319570e7e5cf43ba8485ff9fc34e56e86edc903023

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:04:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83r1dx83wzEUXUD7%2B549f1m96KbVQRHcRkfHzyUcGYhz2UZOVu8vyoUSnL806IOFEHfJHJZUd68yjKsO6NpIN5irEGc%2BBU7Y52wqDTn076mHH%2FQXRlPcVFarhuXa2d4Zs%2BO95LbLpRJ%2BbEaghhH08w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867eebf49eac4bcf-BUF
alt-svc
h3=":443"; ma=86400
modernizr.js
segurosclick.info/assets/js/
31 KB
10 KB
Script
General
Full URL
https://segurosclick.info/assets/js/modernizr.js
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4418b7f5ddaa266b8cb2eaa36d1a20bf2a18816f8526f456926190ac27409ef1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:04:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4popF%2F2xixQHAhqk5mzCj0iW4%2FL291rNg3KQIwQF%2Fbw5sRPEdQwHv8CSGATS0S%2FHjxybIWVqgILiFjKkZjCp0XcT5unJVjuYagugrFCD3xPpCKxhHztaLels9uvCTPCooVvnhxIFfJ2IqHrAXYHCYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867eebf49ead4bcf-BUF
alt-svc
h3=":443"; ma=86400
mobile-detect.js
segurosclick.info/assets/js/
36 KB
16 KB
Script
General
Full URL
https://segurosclick.info/assets/js/mobile-detect.js
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0b1a9052dca0df2f5d3f3e1d40e383dda4d7aa188525d8188e1d3075f25b59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:05:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37EWSbtPU7xkeWkJwZN3TOghcD%2FRxHs1GkMSi49DkI9edDdoJjm%2BGqgfd7mpz2XWEEyPNMILY0gy7V9RUGL7Hfd2has7m7pdZOBg7QjxqGFMpYx3zPun1R9a9gdzy%2F1CQK1q6wbuzn0UugMcxdYmsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867eebf49eae4bcf-BUF
alt-svc
h3=":443"; ma=86400
application-devices.js
segurosclick.info/assets/js/
3 KB
1 KB
Script
General
Full URL
https://segurosclick.info/assets/js/application-devices.js
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fb47db645b6f6c3884e59b8ecd1a3206478e9a27b849d6804e9131f3a710d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:05:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U08OHS2MHTfTDd6esqgIB%2FQpltiLA0KRZBzw79cHCQqlRKakmKqcbv9SwsSPhpI52Jxli8NDMAeqSdKeKQqMMvJ%2FtLjAfNrZjwKQ2%2BiWbiqDnASaieeAYcrIqLb6z2pS9boPJ%2Fca5hmlN7VJaJqm1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
867eebf49eaf4bcf-BUF
alt-svc
h3=":443"; ma=86400
logo-garantibbva.png
segurosclick.info/assets/img/
3 KB
4 KB
Image
General
Full URL
https://segurosclick.info/assets/img/logo-garantibbva.png
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a83e3642ca11fbaae82bbcd5a94836701d77479d6580af10a578f2ee17a91f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:17:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bhwOmDeVaSufXtk620S5ZHOG1YiG8ioTjbFoNkLt625RoNl4mTZRRnW%2B35jmFkXqcvutNLNB2xCFk6PKlGvYKhRiaRL1%2Bythgu8%2BfdCJ%2Fn6cSY5%2BpWhzAw2xcJel8L5gLzF2izMPHTT%2F%2F%2FktLwrDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867eebf49eb14bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
3450
logo-garantibbva-2x.png
segurosclick.info/assets/img/
7 KB
7 KB
Image
General
Full URL
https://segurosclick.info/assets/img/logo-garantibbva-2x.png
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3541db151826636ff9b170b457d6019b1593a62f4782cb2e3846b61ed1bcf60c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:18:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6kW8XlwwOxyrFd0TYaDX6iiwAgfWw0a8Cm15fYJlqYTs%2FQ%2BKhYrsr6pM1ZDj840cx2Jc3Y8jlOn11pzZHAAYzvJ%2FqoLJDAe%2Bz3ZNY3njEI3QsK%2FZueqAz%2FjNsLkP8EPvRM5LaUiPxptE6Iu7tyx2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867eebf49eb34bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
6731
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
bootstrap-login.css
segurosclick.info/assets/css/
212 KB
33 KB
Stylesheet
General
Full URL
https://segurosclick.info/assets/css/bootstrap-login.css
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7c3368f1d5154f357f50fdbedcc3fbfb38893944c36d69827a8722f831808f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:13:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fROxcF3iHjLePfxc5fOi9iuVTWSM0YRgSOXQv5zwqbv878GN9upfBqmw%2Fr8f34tqm49dglcLHStmBpMMCBgkaYZHQE4o6gemAUR1ruoVm6Eic4WMQMGyD9u1pv8dfv%2BWMA0rsVCfihZa3TmvPlYoWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867eebf5af004bcf-BUF
alt-svc
h3=":443"; ma=86400
bootstrap-login-utility.css
segurosclick.info/assets/css/
209 KB
30 KB
Stylesheet
General
Full URL
https://segurosclick.info/assets/css/bootstrap-login-utility.css
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38050efacad7e0b25764747c0a1205dfa2e217f6a96a9febcea51763c05052f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:13:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
415
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F3I4yfP3BpmdTp9K4YXtGtjjVcc38RnygcCCMntMThBFEN87bpNUnZcr0e3gCRabjuwcoSyADYuleatAvYCETJPMGk%2B5B6DlfCwxb81bpudTCZXG0BoumGHOEsq%2FLy9m41b4zQ3oltnK25iVv4nqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867eebf5af014bcf-BUF
alt-svc
h3=":443"; ma=86400
gt-facelift-login-style.css
segurosclick.info/assets/css/
65 KB
7 KB
Stylesheet
General
Full URL
https://segurosclick.info/assets/css/gt-facelift-login-style.css
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa2e1432f2be7a3d070e94cc564e59bd92edc6b12fc09b1a626a20fea83b092

Request headers

accept-language
en-US,en;q=0.9
Referer
https://segurosclick.info/isube/login/login/passwordentrypersonal-tr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:13:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
416
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXLde0emS%2F%2FBAfW5kx3MqUAT7UxO%2BoBxkv9GHBEMRXDA3Q17G2JLj2Ul27NMLc7FKr1NlTHhkNlBJNZROPt1p20Bsctfbn7Cr2pcOQt7yNtvwU8oECqjEjWxfzq0FdsPAQRH9dNo4ehE5TO8pFDnMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
867eebf5af024bcf-BUF
alt-svc
h3=":443"; ma=86400
SourceSansPro-Regular.woff
segurosclick.info/assets/fonts/
67 KB
68 KB
Font
General
Full URL
https://segurosclick.info/assets/fonts/SourceSansPro-Regular.woff
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/assets/css/bootstrap-login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d05c31802fc851316e0e0587e3b16b4161859f816a529845b1fad9fc84a2399

Request headers

Referer
https://segurosclick.info/assets/css/bootstrap-login.css
Origin
https://segurosclick.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:15:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
415
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkW71zIVv%2BlBgZuO9hnYOvZ6bBP%2FtLE9Vs4Ta5v9tyG%2B8CGuYlPYkkfrIKrFzwH0Ck4eLu4OgQGFKViSg0wm%2F4Az5J2fxCVDUFh0CnYxRrCfNV%2Fxwd7rCHcgZJUPEojAwGGQxLzh756mdEr9ZUhtww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867eebf68f774bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
68708
SourceSansPro-Light.woff
segurosclick.info/assets/fonts/
67 KB
67 KB
Font
General
Full URL
https://segurosclick.info/assets/fonts/SourceSansPro-Light.woff
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/assets/css/bootstrap-login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d094bf5e2ed17c9d18a11c0490dea66b35ac0f50c5bb63350e28273b710c2e28

Request headers

Referer
https://segurosclick.info/assets/css/bootstrap-login.css
Origin
https://segurosclick.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:14:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
414
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDptf8JX0bRHFAYC1i6WSrdZZ2rjZj1Rd954X%2BHQrJsKBGjj6m7mI2mZtKo945pcQykpsdv6ZrheYPBRujQtO0%2FgbipxYQZ8%2BeSLdxMwkrpplIX9ptB3nkeJ%2Bv1DkLHLljLq3LRLLkQ%2BI0HXq8Hbmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867eebf68f794bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
68600
icons.woff
segurosclick.info/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://segurosclick.info/assets/fonts/icons.woff
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/assets/css/bootstrap-login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79ac9928f4fdc7cb758e936ee5ff677223e62a0146ec993ce694ac861ec34c2

Request headers

Referer
https://segurosclick.info/assets/css/bootstrap-login.css
Origin
https://segurosclick.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:41 GMT
cf-cache-status
HIT
last-modified
Sat, 01 Apr 2023 23:15:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
415
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TT%2BvYjhONQ5KG01vkNyjryNd%2BgDFGNAkwLC1xuARAaGVKQtZVoy5KOc2BVwDCrgMwORBuuDYk%2BS1VpH%2FHhwOwQCGFAsUgjw9Wd6njJy%2Fv9rymaVtywOOE2GEGYf%2BSyurPrF4ohvsvThSwOrUjRHl%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
867eebf69f7b4bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
38704
SourceSansPro-Semibold.woff
segurosclick.info/assets/fonts/
0
0
Font
General
Full URL
https://segurosclick.info/assets/fonts/SourceSansPro-Semibold.woff
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/assets/css/bootstrap-login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://segurosclick.info/assets/css/bootstrap-login.css
Origin
https://segurosclick.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:42 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UOc1AFNUBTPjUxLveENmVTCHuoQvdfS3yHudASCIYqu4DdHyVUQv6BT2MpaaqkRL4AEPwYep1t2fu5MJmgelATC1N%2BJ%2B3Wyjio%2Bht7gNJ%2FwCxKfgUz%2BWd6ElSN4rpVR%2BWIoNhfHEOrOSIi%2BUT3jumA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
867eebf6af7e4bcf-BUF
alt-svc
h3=":443"; ma=86400
SourceSansPro-Semibold.ttf
segurosclick.info/assets/fonts/
0
0
Font
General
Full URL
https://segurosclick.info/assets/fonts/SourceSansPro-Semibold.ttf
Requested by
Host: segurosclick.info
URL: https://segurosclick.info/assets/css/bootstrap-login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://segurosclick.info/assets/css/bootstrap-login.css
Origin
https://segurosclick.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:19:42 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfPvxJz3C7aXbRm8dmbC0V7LCf6tQ%2B5An2np5p5tZjv6OP%2FBDV7CrZLNjtf9mLSyYc9VwMSzOdUWxntduDXlXdHYQYVuf%2BToIU4GNvRiV2Z3Mb3%2FLZ8rNNQCx0ttKisgHgaamFFvdOR8YFqFZEYzKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
cf-ray
867eebf8e8684bcf-BUF
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garanti (Banking)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| paceOptions
object| Pace
boolean| _‌‍
object| Modernizr
function| MobileDetect
boolean| mobile
boolean| tablet
boolean| desktop
object| md
string| prefix
boolean| isMacAndSafari
number| _screenwidth
string| gua
boolean| oldAndroid
function| getAndroidVersion
boolean| isAndroidBrowser
undefined| regExChrome
undefined| resultChromeRegEx
undefined| chromeVersion
function| readDeviceOrientation
string| STATIC_ASSET_URL_VAR
function| setCSS

3 Cookies

Domain/Path Name / Value
segurosclick.info/ Name: PHPSESSID
Value: 37d2000f051b6b3dd526e4aeadd8ef92
segurosclick.info/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik9pQzc0VktUWGJzRVBoRWJZSW9XMWc9PSIsInZhbHVlIjoiaFZ3UUFzM1U3RkUyQy9wQ0o2SlVLZDZ1ajFDSEI2SnVKTGNtZjlOa0xrOEZvMWRFL2l3cTV0UDVtd0lXdjZoSGI5alA2ZVJseUtURU5FM2NNSFN3OFJ2bXAyVFVlWU1rT05jaVd3YkQ4aXpXTURKZFNxdGZxNm9aeUVnYTZPL2QiLCJtYWMiOiI0MGM2ZTYwYmIzOThiNjJjMTFkZWM5ZTUzMDE4ODM4Njc3ODJhMGE1YjdmNTlmZTZiNDc2MjYwNjhkZGQ5NDNkIiwidGFnIjoiIn0%3D
segurosclick.info/ Name: laravel_session
Value: eyJpdiI6Ing2eVd4d1ExMXlCVFpBS2t0M21DTnc9PSIsInZhbHVlIjoiSHc4WlZRWHczeHZsTWZJZGhuekJrTllNL0ZjclFHN1VIV3pZQXBGRlZpNGEwdVJ5Y25zVEY0TVNoNFllQlloU0VWcU9ycTlCM21jdUVRR0ovSGJkZGlwOEJzNUt2ZE5rVDV3blNHMGFXTVpCMytJQmtnTUc1MHZqYlZndjhiVW8iLCJtYWMiOiI4OWFhNTdmODhjNzg0NzRlZmI4ZGQ0NjNlZTJkMGNiYzUxMDgyNzNhMmU3NDIwNmVhODVjMzE4ZDYxYWI0YjJhIiwidGFnIjoiIn0%3D

2 Console Messages

Source: network, Level: error
URL: https://segurosclick.info/assets/fonts/SourceSansPro-Semibold.woff
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://segurosclick.info/assets/fonts/SourceSansPro-Semibold.ttf
Message: Failed to load resource: the server responded with a status of 404 ()