bireyseleozeldestekpaketleri.line.pm Open in urlscan Pro
190.14.39.122 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Submission: On February 13 via automatic, source openphish (February 13th 2023, 1:20:01 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 190.14.39.122, located in Panama and belongs to Offshore Racks S.A, PA. The main domain is bireyseleozeldestekpaketleri.line.pm.

This is the only time bireyseleozeldestekpaketleri.line.pm was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Turkish Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
14	190.14.39.122 190.14.39.122	52469 (Offshore ...) (Offshore Racks S.A)
5	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
19	2

14 190.14.39.122 (Panama)

ASN52469 (Offshore Racks S.A, PA)
PTR: cpanel16.offshoreracks.com

bireyseleozeldestekpaketleri.line.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	line.pm bireyseleozeldestekpaketleri.line.pm	315 KB
5	gstatic.com fonts.gstatic.com	67 KB
19	2

	Domain	Requested by
14	bireyseleozeldestekpaketleri.line.pm	bireyseleozeldestekpaketleri.line.pm
5	fonts.gstatic.com	bireyseleozeldestekpaketleri.line.pm
19	2

This site contains no links.

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Frame ID: 77F063E84696284373A36C07FFA30237
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

e-Devlet | DESTEK Sistemi

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

19
Requests

26 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

382 kB
Transfer

379 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request sms.php Show response
bireyseleozeldestekpaketleri.line.pm/basvur/ 3 KB
4 KB 571ms
184ms Document
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: c02110b597a7ee079f3e8a5f306dbd338e0b1bf1c37335a55e3298cc655d943d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Feb 2023 01:19:55 GMT
Keep-Alive: timeout=3, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 404
Not Found bootstrap.min.css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 0
0 181ms
180ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/bootstrap.min.css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found font-awesome.min.css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 0
0 188ms
181ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/font-awesome.min.css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found flaticon.css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 0
0 346ms
168ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/flaticon.css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 31 KB
31 KB 356ms
176ms Stylesheet
text/plain 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 608ff39d81bf3098a9db9aaea1c56c59773d04db4bdb4567500842cc9f1431cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Vary: Accept-Encoding
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 31432

GET
H/1.1 404
Not Found style.css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 0
0 353ms
172ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/style.css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found default.css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 0
0 353ms
173ms Stylesheet
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/default.css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bootstrap.min(1).css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 163 KB
163 KB 361ms
177ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/bootstrap.min(1).css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 0a0a376dc5ee222a63ee133b4ae1dc75a8655ae493139aa478d7a0dc64755a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 167154

GET
H/1.1 200
OK font-awesome.min(1).css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 38 KB
38 KB 363ms
177ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/font-awesome.min(1).css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 2f499490b865ea22b5a1efdeade6d8b977073b0642238b51109cd202167d173e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 38634

GET
H/1.1 200
OK flaticon(1).css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 2 KB
2 KB 511ms
168ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/flaticon(1).css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: b86d0b93e4e11cf1a09e3a7efe97c0faa07a335bd100b85f2ce7655942da1894

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 1638

GET
H/1.1 200
OK style(1).css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 66 KB
66 KB 522ms
173ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/style(1).css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: cb409ca7227f6ea8937b56b2c90284afe4f0596944940317b3fb7bb8444a69b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 67403

GET
H/1.1 200
OK default(1).css
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 154 B
417 B 523ms
174ms Stylesheet
text/css 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/default(1).css
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: cbb81f38ee322ed3d62af6bb700def6a6be839b1edafcb6261fc2a78ed4ffdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 154

GET
H/1.1 200
OK logo-2.png
bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/ 11 KB
11 KB 169ms
169ms Image
image/png 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/logo-2.png
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: 257461ed4d440311ffc7147309e879bc3ea33dc97c7f7cd15e17bc5ab0dd538e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Last-Modified: Mon, 22 Jul 2019 16:40:08 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 10879

GET
H/1.1 404
Not Found bg-image.jpeg
bireyseleozeldestekpaketleri.line.pm/basvur/img/ 315 B
315 B 177ms
177ms Image
text/html 190.14.39.122
Offshore Racks S.A

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/img/bg-image.jpeg
Requested by: Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/style(1).css
Protocol: HTTP/1.1
Server: 190.14.39.122 , Panama, ASN52469 (Offshore Racks S.A, PA),
Reverse DNS: cpanel16.offshoreracks.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/style(1).css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 01:19:56 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=3, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v16/ 14 KB
15 KB 110ms
29ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bireyseleozeldestekpaketleri.line.pm/
Origin: http://bireyseleozeldestekpaketleri.line.pm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 17:07:21 GMT
x-content-type-options: nosniff
age: 29555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14380
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:11:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Feb 2024 17:07:21 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 143ms
63ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bireyseleozeldestekpaketleri.line.pm/
Origin: http://bireyseleozeldestekpaketleri.line.pm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 23:27:08 GMT
x-content-type-options: nosniff
age: 438768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15056
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 23:27:08 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v16/ 15 KB
15 KB 153ms
73ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bireyseleozeldestekpaketleri.line.pm/
Origin: http://bireyseleozeldestekpaketleri.line.pm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 17:10:33 GMT
x-content-type-options: nosniff
age: 202163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14880
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 17:10:33 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v16/ 11 KB
11 KB 112ms
36ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bireyseleozeldestekpaketleri.line.pm/
Origin: http://bireyseleozeldestekpaketleri.line.pm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 13:19:23 GMT
x-content-type-options: nosniff
age: 216033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:13:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 13:19:23 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v16/ 11 KB
12 KB 131ms
57ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2

Requested by

Host: bireyseleozeldestekpaketleri.line.pm
URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bireyseleozeldestekpaketleri.line.pm/
Origin: http://bireyseleozeldestekpaketleri.line.pm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 23:30:33 GMT
x-content-type-options: nosniff
age: 352163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11724
x-xss-protection: 0
last-modified: Mon, 25 Mar 2019 20:12:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:30:33 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Turkish Government (Government)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/flaticon.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/sms_files/default.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bireyseleozeldestekpaketleri.line.pm/basvur/img/bg-image.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bireyseleozeldestekpaketleri.line.pm
fonts.gstatic.com
190.14.39.122
2a00:1450:400d:80d::2003
0a0a376dc5ee222a63ee133b4ae1dc75a8655ae493139aa478d7a0dc64755a39
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
257461ed4d440311ffc7147309e879bc3ea33dc97c7f7cd15e17bc5ab0dd538e
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2f499490b865ea22b5a1efdeade6d8b977073b0642238b51109cd202167d173e
608ff39d81bf3098a9db9aaea1c56c59773d04db4bdb4567500842cc9f1431cb
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
b86d0b93e4e11cf1a09e3a7efe97c0faa07a335bd100b85f2ce7655942da1894
b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268
c02110b597a7ee079f3e8a5f306dbd338e0b1bf1c37335a55e3298cc655d943d
cb409ca7227f6ea8937b56b2c90284afe4f0596944940317b3fb7bb8444a69b2
cbb81f38ee322ed3d62af6bb700def6a6be839b1edafcb6261fc2a78ed4ffdb3
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

bireyseleozeldestekpaketleri.line.pm Open in urlscan Pro 190.14.39.122 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

26 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

382 kBTransfer

379 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

bireyseleozeldestekpaketleri.line.pm Open in urlscan Pro
190.14.39.122 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

26 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

382 kB
Transfer

379 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!