duyurubnscgiris.com Open in urlscan Pro
172.67.150.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://duyurubnscgiris.com/
Effective URL:
https://duyurubnscgiris.com/
Submission Tags: @ecarlesi threat phishing binance Search All
Submission: On July 04 via api (July 4th 2024, 7:38:16 am UTC) from IT — Scanned from IT

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 172.67.150.57, located in United States and belongs to CLOUDFLARENET, US. The main domain is duyurubnscgiris.com.
TLS certificate: Issued by WE1 on July 3rd 2024. Valid for: 3 months.

This is the only time duyurubnscgiris.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Binance (Crypto Exchange)

Domain & IP information

	IP Address		AS Autonomous System
14	172.67.150.57 172.67.150.57		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	1

14 172.67.150.57 (United States)

ASN13335 (CLOUDFLARENET, US)

duyurubnscgiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	duyurubnscgiris.com duyurubnscgiris.com	257 KB
14	1

	Domain	Requested by
14	duyurubnscgiris.com	duyurubnscgiris.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
duyurubnscgiris.com WE1	`2024-07-03` - `2024-10-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://duyurubnscgiris.com/
Frame ID: EFDB7804CB3459B0F7F176B9B4712A77
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitcoin Exchange | Cryptocurrency Exchange | Binance

Page URL History Show full URLs

http://duyurubnscgiris.com/ HTTP 307
https://duyurubnscgiris.com/ Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

257 kB
Transfer

554 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://duyurubnscgiris.com/ HTTP 307
https://duyurubnscgiris.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response duyurubnscgiris.com/ Redirect Chain http://duyurubnscgiris.com/ https://duyurubnscgiris.com/	21 KB 6 KB	165ms 122ms	Document text/html	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.8 PleskLin Resource Hash `f0c89db40383201da8f854e27909a3809aadfe0ce107bea29eb86e6135791947` Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 89dd744a9d060e27-MXP content-encoding br content-type text/html; charset=UTF-8 date Thu, 04 Jul 2024 07:38:11 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCKX%2BsXtnvESIb6xvMWM6YC8viQzBbegswovdIaxsyintJzsWF6wNqDNMJYYO9dm8mDdV4%2FUjdA1dvT6bK759bL2Dj5zxchACDiat90l2ql0UP8IBvFQF5I6G8pMQHjcimEFrWHB"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.3.8 PleskLin Redirect headers Location https://duyurubnscgiris.com/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	app.css duyurubnscgiris.com/dist/	197 KB 26 KB	206ms 205ms	Stylesheet text/css	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/dist/app.css Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `09b0a09485a3616fbef018847ea9665914d8e8a3835ca91733012d4ce1b4aa65` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT content-encoding br cf-cache-status MISS last-modified Fri, 08 Dec 2023 06:19:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6572b562-31303" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWgSwOT1zcMsGLg8JZ2J1JuMBFIv7vMT0vJfNLle0Mh11qz12gnPm6NsrwCAZZrxA4BlM7XucvmspCRzw%2FS07fyqLyWXG5Jy%2BnF0mBTokTsktwJHjvuq2XPcslSgMIScDXLtA77k"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 89dd744b6e120e27-MXP alt-svc h3=":443"; ma=86400
GET H3	200	logogoogle.png duyurubnscgiris.com/dist/	1 KB 2 KB	170ms 170ms	Image image/png	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duyurubnscgiris.com/dist/logogoogle.png Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `e3d40db99105ff6d19854c303de2525f94659f7ac2fa9fe018b61fabbef0d4af` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:32:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "656aa53a-483" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQ253dxXRSoTeZ8intQRq%2Fx3GkWW%2BrgYGmvpNx9A%2BX1pg69tSwwOFj%2FD%2FHpSQfgWIowmOh%2FaIzMpApOy0PW0X%2BhL%2F7191ECoSIZWDrerNxYUCRqvysbJzlYUxwonc01k6E2vW5Gt"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744b6e130e27-MXP alt-svc h3=":443"; ma=86400 content-length 1155
GET H3	200	ios-dark.svg duyurubnscgiris.com/dist/	2 KB 1 KB	157ms 156ms	Image image/svg+xml	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duyurubnscgiris.com/dist/ios-dark.svg Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `ff8ea7e65cfd39328818560a487314250942bf5c81fed6db50d50a3fbce08c51` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT content-encoding br cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:32:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"656aa53e-640" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJ9TL5ypr8WwDySAN7FSnvKXFMfBOjyAe1UWjcbX5kXFk6dwygbTjIKaPGO%2F2CHBkfv151yZjRBkIAwQ8jptcU9MBrkjQ88%2FU4DwhjFo42s4IhtFx4430nHTdc8jbHFxw5QdevU0"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 89dd744b6e140e27-MXP alt-svc h3=":443"; ma=86400
GET H3	200	binance-logo.png duyurubnscgiris.com/dist/	618 B 1 KB	180ms 179ms	Image image/png	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duyurubnscgiris.com/dist/binance-logo.png Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `e7412f204aa573c993bec8856dda3e640f365ac0b3f232981c460df0b736738f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PleskLin alt-svc h3=":443"; ma=86400 content-length 618 last-modified Sat, 02 Dec 2023 03:32:18 GMT x-accel-version 0.01 server cloudflare etag "26a-60b7e88225480" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJcROiayagii62y1QDpO0F10Jhb5jK5E3APSOPo%2BktyaIx0fRyiTJJvo%2BwYCaWA4NxQGLEKptT1ocqaipm4525G%2FIe4ljZRj%2BBz3%2FHvv2TtPm5FTFQsrU9DzOFnM0ypOyBtkwvJL"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744b7e280e27-MXP
GET H3	200	bnqr.png duyurubnscgiris.com/dist/	5 KB 6 KB	178ms 177ms	Image image/png	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duyurubnscgiris.com/dist/bnqr.png Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `3283811faaaf60c51baa07acf6156fec5475910b9b167ee81a9b9667b172a290` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS last-modified Sat, 02 Dec 2023 04:27:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "656ab22e-1447" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLlrS%2BnvV2MvMPK1ZnFhz6X2mTR8ybkR4oo3M9UzHEdZYqn124MjAtiQhJfYb%2FWaF8bY2IKigqcwNmAUf5JeHhss1eIOxeaXdQz%2FyP6eQYNWYlvdbetqB5UJa71EUVF1PmXMuFum"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744b7e2b0e27-MXP alt-svc h3=":443"; ma=86400 content-length 5191
GET H3	200	scan-device-light.svg duyurubnscgiris.com/dist/	38 KB 11 KB	219ms 218ms	Image image/svg+xml	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://duyurubnscgiris.com/dist/scan-device-light.svg Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `3da9ee1c30c2a461b9783ae3ca2646da3b3de5da432e45d4ca14ebc0b5981db2` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT content-encoding br cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:32:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"656aa546-9710" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fb24nTf7B2inCZ51ZFmA0ro5yjCAf1NlzRyOxPXfT982zJjOcEf2449pY3iQh9wQrGitPQlzqz%2FZSt29X7ZNixj1EjZswaozwe0UIzfwgA1ObsVaEigjCvsXAreC%2FmNXzICZAIIi"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 89dd744b7e2e0e27-MXP alt-svc h3=":443"; ma=86400
GET H3	200	app.js Show response duyurubnscgiris.com/dist/	100 KB 11 KB	126ms 125ms	Script application/javascript	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/dist/app.js Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `bc23cc86744e8baf49afbbd44c4d4a0adad1e31cc3478bdc150a1a61d3fc3c78` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 22 Jan 2024 20:16:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65aecd26-18e9b" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fo9ir%2Boyys1HJcHHSQGbMa8uhzA%2Buw2lrIBFBCYmT1CooyhHueGW7G1cbBoEUBK%2BuQMzMO8Kv1CKRYN6%2FKV5yx4V8bVQSCPGvbAlOmsdfI3krYeH4W2CFmDPqlGRJGCPSSS%2BkV8H"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 89dd744b7e2f0e27-MXP alt-svc h3=":443"; ma=86400
POST H3	200	fakesocket.php duyurubnscgiris.com/	0 0	74ms 74ms	Fetch text/html	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/fakesocket.php Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/dist/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.8, PleskLin Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 04 Jul 2024 07:38:11 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.3.8, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9U0WlDiPzTZONuSU81FThdt25YbvRilg%2FtLdLuZ8DNRJZcAyhWbut9J9JST1BwMFtDzsAftWBs2Lb%2BW0PNCP0yqioMawFjhG%2BCUfKe8XEmjP5D75ABe5dxDOObuDYJzaTAfyLzn"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 89dd744cefc80e27-MXP alt-svc h3=":443"; ma=86400
GET H3	200	BinancePlex-Regular.woff2 duyurubnscgiris.com/dist/	59 KB 60 KB	177ms 176ms	Font font/woff2	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/dist/BinancePlex-Regular.woff2 Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/dist/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `fb333dfc868c8c5af243500d6f727f8ed0005110e6bfef678b09854d467d8006` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/dist/app.css Origin https://duyurubnscgiris.com Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:29:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "656aa4b0-ed10" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E296WH1UYwPSvtTuJ3%2FzbuOjNw8bkpMRvHFUxZPGnlHisNiNEUJvUtfz0CbImKVJA73ISjAvRslk4LcbA2RN6%2FjJCPoPsobCejO8Lt2S%2BsgY%2B%2BKFxfTarDoCUtu1SS6ePi%2FBYyFS"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744d0fd70e27-MXP alt-svc h3=":443"; ma=86400 content-length 60688
GET H3	200	BinancePlex-Medium.woff2 duyurubnscgiris.com/dist/	63 KB 64 KB	181ms 181ms	Font font/woff2	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/dist/BinancePlex-Medium.woff2 Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/dist/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `774f97c9687c03c187b227a2cc5e0a26700d18c5d9624ea5d995154c8b117db7` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/dist/app.css Origin https://duyurubnscgiris.com Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:29:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "656aa4b4-fd80" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=os8KGlb5LbtoJ9y6UHavrj43EcCBNiOgEZyn914hPifIbtNq%2F1UK2x%2Bn2gzdKGFECy%2FLUSswvQlEBz6gURauINKXBTpYoH5hNpPUS81CzhHarR7ijpvCReidVXmNMlFQ%2FkOImdQY"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744d0fd90e27-MXP alt-svc h3=":443"; ma=86400 content-length 64896
GET H3	200	BinancePlex-SemiBold.woff2 duyurubnscgiris.com/dist/	64 KB 64 KB	159ms 159ms	Font font/woff2	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/dist/BinancePlex-SemiBold.woff2 Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/dist/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `ab55edbaaef0358cc623836d1522fa0f4a1b164e5ad876122bfde83372754d1d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/dist/app.css Origin https://duyurubnscgiris.com Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:29:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "656aa4b4-ff6c" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1W2wY79HxvdSl%2BfkNmPRv9C0w%2BnMpa1cBi%2BaTXcqFb6REMx8T3GQNbTb9sdBoKOxeFpeDsAWjeOdYlhJnxAuIAP05tM5MPQTlEDYSwdA0XFj0LCXlOaxB%2FH6NqNLONnH79gpaFy"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744d0fda0e27-MXP alt-svc h3=":443"; ma=86400 content-length 65388
GET H3	200	brand.png duyurubnscgiris.com/dist/	4 KB 4 KB	122ms 122ms	Other image/png	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/dist/brand.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `83eef421c3682a87d0a7107f6872a1e36222cb1623ade9211b817ee2dfc0059b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 07:38:11 GMT cf-cache-status MISS last-modified Sat, 02 Dec 2023 03:41:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "656aa772-f82" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtvgXD57qm0srPASIHrm0Gl8LO2KY43sj1VevI52I3UnrfQc%2F6Qc%2BobHJkcGXvxfo%2F7JCyT7m43kbOMiBjz4JvtwxnYdQtnWEY3N10Gj1v2VruyCj3%2BBhlRNeYnWPl9cM1HmNO61"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89dd744d0fdc0e27-MXP alt-svc h3=":443"; ma=86400 content-length 3970
POST H3	200	fakesocket.php duyurubnscgiris.com/	0 0	66ms 65ms	Fetch text/html	172.67.150.57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://duyurubnscgiris.com/fakesocket.php Requested by Host: duyurubnscgiris.com URL: https://duyurubnscgiris.com/dist/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.150.57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.8, PleskLin Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://duyurubnscgiris.com/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 04 Jul 2024 07:38:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.3.8, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGxu1dZiyuZrHieYfu1sHOwx1HH8Gy1UMTQpL7c%2FLrLVd%2Bichqagw9vfa6RzYH5RORbVmnnjLqgrSLF5WFTAeIN9EiYd1sb3UGZwnKRsmweKyNwjtVSKvCBQkVqqtJtKSosjrVCH"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 89dd745fb8720e27-MXP alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Binance (Crypto Exchange)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			duyurubnscgiris.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: u359r6a28k2hkurs94jov3rpcr

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://duyurubnscgiris.com/ Message: [DOM] Found 2 elements with non-unique id #click_login_submit_v2: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://duyurubnscgiris.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duyurubnscgiris.com
172.67.150.57
09b0a09485a3616fbef018847ea9665914d8e8a3835ca91733012d4ce1b4aa65
3283811faaaf60c51baa07acf6156fec5475910b9b167ee81a9b9667b172a290
3da9ee1c30c2a461b9783ae3ca2646da3b3de5da432e45d4ca14ebc0b5981db2
774f97c9687c03c187b227a2cc5e0a26700d18c5d9624ea5d995154c8b117db7
83eef421c3682a87d0a7107f6872a1e36222cb1623ade9211b817ee2dfc0059b
ab55edbaaef0358cc623836d1522fa0f4a1b164e5ad876122bfde83372754d1d
bc23cc86744e8baf49afbbd44c4d4a0adad1e31cc3478bdc150a1a61d3fc3c78
e3d40db99105ff6d19854c303de2525f94659f7ac2fa9fe018b61fabbef0d4af
e7412f204aa573c993bec8856dda3e640f365ac0b3f232981c460df0b736738f
f0c89db40383201da8f854e27909a3809aadfe0ce107bea29eb86e6135791947
fb333dfc868c8c5af243500d6f727f8ed0005110e6bfef678b09854d467d8006
ff8ea7e65cfd39328818560a487314250942bf5c81fed6db50d50a3fbce08c51

duyurubnscgiris.com Open in urlscan Pro 172.67.150.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

257 kBTransfer

554 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

duyurubnscgiris.com Open in urlscan Pro
172.67.150.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

257 kB
Transfer

554 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!