turkeyinvest.blog Open in urlscan Pro
104.21.55.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://turkeyinvest.blog/tr/botas/signin23/
Submission Tags: @phish_report
Submission: On August 26 via api (August 26th 2024, 9:03:01 am UTC) from FI — Scanned from FI

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 104.21.55.158, located in and belongs to CLOUDFLARENET, US. The main domain is turkeyinvest.blog.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.

This is the only time turkeyinvest.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.21.55.158 104.21.55.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
16	3

14 104.21.55.158 (None, )

ASN13335 (CLOUDFLARENET, US)

turkeyinvest.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	turkeyinvest.blog turkeyinvest.blog	1 MB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	31 KB
16	2

	Domain	Requested by
14	turkeyinvest.blog	turkeyinvest.blog
1	code.jquery.com	turkeyinvest.blog
16	2

This site contains no links.

Subject Issuer	Validity	Valid
turkeyinvest.blog WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://turkeyinvest.blog/tr/botas/signin23/
Frame ID: C17A51A8D7FB38EAD5883A632979CC88
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ankete katılın

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1406 kB
Transfer

6162 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response turkeyinvest.blog/tr/botas/signin23/	41 KB 7 KB	457ms 294ms	Document text/html	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `090c4168c4efa4aef08e85381647b99a1ee1fc1c29d3a64a2dc37d605c4b3270` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b92a536ff191c02-OSL content-encoding br content-type text/html; charset=UTF-8 date Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLCt4vGDYbl1i7dbqB3m7J8ZXnLyR6Qfas3APVNeBHQIZBFqMMdXtCOqwYciYi70OG%2B38TLmV9vsPR1wu%2FL4q%2BP6E%2FT0N2Sjo6MOgZPIQzVExPdw37scqH330gRUolzm7lHTsw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	intlphone.css turkeyinvest.blog/cms/css/	19 KB 3 KB	188ms 186ms	Stylesheet text/css	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/cms/css/intlphone.css Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a78c0708cd73d1ac451649f7623b3852e02aa1216575ea588863fc0d4e1127f8` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bdjpLv0m9vrXbr0ShIcYGhBa9CFjWtZ6ZBEeiLSSPLZNo0YUAEgEGci0kUuoEK8DWybvCQtahWpH894UB6Y6aR241ihZrGKlC3%2FjtM%2BjvOXOgC20Af%2BeG9ZGG87ZWnI8QSvPQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a538b9ee1c02-OSL alt-svc h3=":443"; ma=86400 content-length 2906
GET H2	200	app.css turkeyinvest.blog/tr/botas/signin23/assets/	47 KB 8 KB	208ms 207ms	Stylesheet text/css	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/app.css Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed5eea653beba3db1f0ed32e0c6622a35c0e05db5085ab5398232e0fb0d2d945` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EOTrRmD0jKqU6OQuDClaZanhEFTRyGMwW%2F9oy0tbGr1%2FZv2ejA2GQexGOgqTnpT6TrawbMgaPUdcT%2BCditQBedI0Lv2tUB8Gc78uWodo5Z5dINofV4BqayCRXViai7zYZMiEVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a538b9ef1c02-OSL alt-svc h3=":443"; ma=86400 content-length 7624
GET H2	200	bootstrap.min.css turkeyinvest.blog/tr/botas/signin23/assets/	190 KB 27 KB	243ms 242ms	Stylesheet text/css	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/bootstrap.min.css Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ Origin https://turkeyinvest.blog User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFqG8cybZ0tBwd22BR6bxBgm6EO3cRYr1wN2Cje0b3fYg%2BU9fb%2BUd93MNcnF2aYGydS7N7EBoE3jcx5rl1T6ZYpBvwo8CcSKSEQGslkrOBmPoNT4HAn%2BnggZpkITVvoX1C80eQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a538b9f01c02-OSL alt-svc h3=":443"; ma=86400 content-length 27427
GET H2	200	leadForm.css turkeyinvest.blog/tr/botas/signin23/assets/	2 KB 1 KB	202ms 202ms	Stylesheet text/css	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/leadForm.css Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `efdafee7d2b702463911c590fad44de08fab3a87e02e8fe9d49f83c5ce07fcdb` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncUJfYMk7EbdwKrY1yuLyXT7Vt9Uh%2Fl006dsmghRCeoH2MjVASC1wTvgikJX7%2B2kB7i%2BZkaCrzTculDPwVFAtG4%2BNdpq4NI9HB911vCHTlZKOa9VNvReJYlFNjDg9q29W%2BAJUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a538b9f21c02-OSL alt-svc h3=":443"; ma=86400 content-length 799
GET H3	200	logo.png turkeyinvest.blog/tr/botas/signin23/assets/	108 KB 108 KB	294ms 292ms	Image image/png	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/logo.png Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9a4f8486c82adca9a563bd0181e311885855a720b58c6505ea3f5a36936b22da` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3nHMAyyokZYExusATcoCPBbQIT1Of6Kki%2FnXZzGTToP3Te50URlDcGwdNu6YH97J%2BIacZesF1Y6B64VBH57roXsUXh5JtlPf7kwsrfeWl%2BL4LxRMyN0OVqZaQqEvncc1DjnyA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53a18adb52d-OSL alt-svc h3=":443"; ma=86400 content-length 110354
GET H3	200	icon-call.svg turkeyinvest.blog/tr/botas/signin23/assets/	1 KB 1019 B	2502ms 2502ms	Image image/svg+xml	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/icon-call.svg Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41c9406673d3a79701447c98bfe44bd48542d24bd46fa8d0ded2b6fd6aaf7521` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibVp9HF8xznitr2vjOvC397yxg2w3XGhIW%2FxO0K8B0bEpuFv2bjtjt9Q%2FdsqqGIVo9WLzLXGKRdKNpdC7X3HG2YKKX%2FGj1hzpKx%2FxJuBO1YHIrZDkigPtusq11NgySvfjHunEw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53b7aefb52d-OSL alt-svc h3=":443"; ma=86400 content-length 564
GET H3	200	3.webp turkeyinvest.blog/tr/botas/signin23/assets/	226 KB 227 KB	357ms 355ms	Image image/webp	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/3.webp Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0687bf82c657c8c63eeb75728b051d1a9fffeaf6fbb61ccf28646597a08c9cf4` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEK3T84jLQNZTNr03o7h1elkSEHnsAg%2FItzd4Gvo%2FSSrmLYY%2B%2Fd7vfO0KY9o0XBsZjEQ4N52v5VsrjQ0dRXYaLw8IfUroo%2Bea1eeOqnpqRGJy%2FcrlBYK6gJZBBbkdk4Mc0e8lw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53a18b1b52d-OSL alt-svc h3=":443"; ma=86400 content-length 231282
GET H3	200	4.webp turkeyinvest.blog/tr/botas/signin23/assets/	375 KB 375 KB	1738ms 1738ms	Image image/webp	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/4.webp Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a27abf5ba5fd548fde94199f18035dbf62488c6514d7b35a4da9319babb4078e` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBaw8fS8wZQUoQiJNW%2FYxISrOpemrJqrniOxz3gXJ5YyXs41DrkQQnGVo9ld67v5hzSVXy5AOoeQUx%2Fv02RZQRu2nPd3MCFthm%2FYPF7bboFhUBXsBaoEX7KtgvdUSekVFaMtuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53a4917b52d-OSL alt-svc h3=":443"; ma=86400 content-length 383728
GET H3	200	7.webp turkeyinvest.blog/tr/botas/signin23/assets/	606 KB 607 KB	2439ms 2438ms	Image image/webp	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/7.webp Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99c6b43bb8124eedce9d874dfddd4a65c7b5b2c1beb8e760ebf256f8a332d4b8` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:53 GMT cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtZluiuzlndEsqcOsFFY2QifCFtdaHMV6Xlojk%2BGFm2HHwSWIgU9uWAoEbHM5Ll2AAZlqJ3OvHjr3QDjohdMlV1yyRQhZfRGv%2BTVYYvewKuYl7g8WQLb%2B%2BLZRcg1h9y5OUE3Xw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53beb81b52d-OSL alt-svc h3=":443"; ma=86400 content-length 620408
GET H2	200	jquery-3.6.1.min.js Show response code.jquery.com/	88 KB 31 KB	481ms 59ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.1.min.js Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74` Request headers Referer https://turkeyinvest.blog/ Origin https://turkeyinvest.blog User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 4746746 x-cache HIT, HIT content-length 30957 x-served-by cache-lga13629-LGA, cache-hel1410020-HEL last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1724662973.721573,VS0,VE0 etag W/"28feccc0-15e40" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 20, 55741
GET H3	200	custom.js Show response turkeyinvest.blog/tr/botas/signin23/assets/	2 KB 1 KB	188ms 188ms	Script application/javascript	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/custom.js Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d307727b68baae1d5bc871812a7130528c8b2ed88af696016af82f44bf6c8ffa` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Fob8bXsxl6MeXSdqe%2FVUo%2FnfQrk2E2kE5xIdZ4%2FUcIxumS3NH3k%2B%2BIVgQS4sljsDpGuMV5Cg%2BSj0cgSxZJTfZzGIuvx7srUNL2AaWa0GYHXCwNu5%2BDRV1Z0paqt0VTOVPRsLQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53a491bb52d-OSL alt-svc h3=":443"; ma=86400 content-length 543
GET H3	200	intlphone.js Show response turkeyinvest.blog/cms/js/	28 KB 11 KB	189ms 189ms	Script application/javascript	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/cms/js/intlphone.js Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `deef52b75a8c1f5a9c4e14bdcbee549988c88a27e8142d8339ee5f256bd26981` Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 09:02:52 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPm%2BunYPAPY42VxAGcH2%2BNpnGfUkUdj0EvjSZ%2BY5EnhK6DgQ7bqf66RKYysxmG3BuYAHTfDF7yO7MswNcxpHPp%2FawT7NNeOTroQJ0bFLshCeUidgfwve7x%2FnrnbUG9WrDMDObQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8b92a53a491db52d-OSL alt-svc h3=":443"; ma=86400 content-length 10817
GET H3	206	video.mp4 turkeyinvest.blog/tr/botas/signin23/assets/	4 MB 0	3402ms 3402ms	Media video/mp4	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/video.mp4 Requested by Host: turkeyinvest.blog URL: https://turkeyinvest.blog/tr/botas/signin23/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Range bytes=0- Response headers date Mon, 26 Aug 2024 09:02:53 GMT cf-cache-status MISS last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9e3%2FUvljmSlaRcEUJUf9ldXgJWSkm%2BzKRIKLAheXXhXOIQZuNwp5qikG%2Fk3sLz6guMdhBfV8Y3Sne0KMjs8%2FSsAqa6lLknLx37%2BdGUat9M%2Fs%2F0BOqzC9U%2BdSXb7dl2ZOAMtUvA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-13023212/13023213 cache-control max-age=14400 cf-ray 8b92a53bfba4b52d-OSL alt-svc h3=":443"; ma=86400 Content-Length 13023213
GET		phone-flags.png turkeyinvest.blog/cms/image/	0 0

GET H3	206	video.mp4 turkeyinvest.blog/tr/botas/signin23/assets/	589 KB 0	936ms 936ms	Media video/mp4	104.21.55.158 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://turkeyinvest.blog/tr/botas/signin23/assets/video.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.55.158 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://turkeyinvest.blog/tr/botas/signin23/ Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Range bytes=3931925- Response headers date Mon, 26 Aug 2024 09:03:00 GMT cf-cache-status HIT last-modified Mon, 26 Aug 2024 09:02:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 8 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sa2AElJSjJZTwSinbLzwkec7nil5yKm036zR4k%2BmHEhvAEkxleaoJd6dFNfUjNyIV3B12G8CINdCpLr9lCiXqsPSFbZFslTkLroi4ZyXA5OlYx%2B0TQ9DF%2B5Z%2FB5lDtKev%2BwLxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 3931925-13023212/13023213 cache-control max-age=14400 cf-ray 8b92a56e9e2bb52d-OSL alt-svc h3=":443"; ma=86400 Content-Length 9091288

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: turkeyinvest.blog
URL: https://turkeyinvest.blog/cms/image/phone-flags.png

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			turkeyinvest.blog/	1970-01-20 23:47:34	Name: 7752d4298abc18c80be27656d7cb9293ba56bbe2 Value: eNqLjgUAARUAuQ__

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
turkeyinvest.blog
turkeyinvest.blog
104.21.55.158
151.101.194.137
0687bf82c657c8c63eeb75728b051d1a9fffeaf6fbb61ccf28646597a08c9cf4
090c4168c4efa4aef08e85381647b99a1ee1fc1c29d3a64a2dc37d605c4b3270
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
41c9406673d3a79701447c98bfe44bd48542d24bd46fa8d0ded2b6fd6aaf7521
99c6b43bb8124eedce9d874dfddd4a65c7b5b2c1beb8e760ebf256f8a332d4b8
9a4f8486c82adca9a563bd0181e311885855a720b58c6505ea3f5a36936b22da
a27abf5ba5fd548fde94199f18035dbf62488c6514d7b35a4da9319babb4078e
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a78c0708cd73d1ac451649f7623b3852e02aa1216575ea588863fc0d4e1127f8
d307727b68baae1d5bc871812a7130528c8b2ed88af696016af82f44bf6c8ffa
deef52b75a8c1f5a9c4e14bdcbee549988c88a27e8142d8339ee5f256bd26981
ed5eea653beba3db1f0ed32e0c6622a35c0e05db5085ab5398232e0fb0d2d945
efdafee7d2b702463911c590fad44de08fab3a87e02e8fe9d49f83c5ce07fcdb

turkeyinvest.blog Open in urlscan Pro 104.21.55.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1406 kBTransfer

6162 kBSize

1 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

turkeyinvest.blog Open in urlscan Pro
104.21.55.158 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1406 kB
Transfer

6162 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions