halkbankparaf-com-tr.tk Open in urlscan Pro
35.204.89.91 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://halkbankparaf-com-tr.tk/
Submission: On February 11 via automatic, source certstream-suspicious (February 11th 2019, 5:12:43 pm UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 35.204.89.91, located in Ann Arbor, United States and belongs to GOOGLE - Google LLC, US. The main domain is halkbankparaf-com-tr.tk.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 11th 2019. Valid for: 3 months.

This is the only time halkbankparaf-com-tr.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BDDK (Banking) Halkbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	35.204.89.91 35.204.89.91		15169 (GOOGLE) (GOOGLE - Google LLC)
13	1

13 35.204.89.91 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 91.89.204.35.bc.googleusercontent.com

halkbankparaf-com-tr.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	halkbankparaf-com-tr.tk halkbankparaf-com-tr.tk	698 KB
13	1

	Domain	Requested by
13	halkbankparaf-com-tr.tk	halkbankparaf-com-tr.tk
13	1

This site contains no links.

Subject Issuer	Validity	Valid
halkbankparaf-com-tr.tk Let's Encrypt Authority X3	`2019-02-11` - `2019-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://halkbankparaf-com-tr.tk/
Frame ID: 9058C26C4577F206875B7E149CB717C6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

698 kB
Transfer

696 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response halkbankparaf-com-tr.tk/	9 KB 9 KB	104ms 33ms	Document text/html	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PHP/5.4.16 PleskLin Resource Hash `6c245a583bd87407a2e9f06a3c76ef0676754cea56f93cda241880b6ddf0cc02` Request headers :method GET :authority halkbankparaf-com-tr.tk :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 server nginx date Mon, 11 Feb 2019 17:12:28 GMT content-type text/html x-powered-by PHP/5.4.16 PleskLin
GET H2	404	external.html halkbankparaf-com-tr.tk/	0 0	27ms 23ms	Stylesheet text/html	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/external.html?link=https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers :path /external.html?link=https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Mon, 11 Feb 2019 16:55:10 GMT server nginx etag "328-581a12beb6b10" content-type text/html status 404 accept-ranges bytes content-length 808
GET H2	200	nucleo.css halkbankparaf-com-tr.tk/assets/vendor/nucleo/css/	9 KB 9 KB	26ms 23ms	Stylesheet text/css	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/vendor/nucleo/css/nucleo.css Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `ccefef3a6bf68bc2f4c4a07dc485ea19327322e99615fe5f684e49bcd1cb7c78` Request headers :path /assets/vendor/nucleo/css/nucleo.css pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Fri, 23 Nov 2018 00:28:28 GMT server nginx x-powered-by PleskLin etag "5bf749ac-2336" content-type text/css status 200 accept-ranges bytes content-length 9014
GET H2	200	all.min.css halkbankparaf-com-tr.tk/assets/vendor/%40fortawesome/fontawesome-free/css/	47 KB 48 KB	57ms 54ms	Stylesheet text/css	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/vendor/%40fortawesome/fontawesome-free/css/all.min.css Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `fa46b08d81776605f51b6200b0ba49d04af5a759713d54403368ca8b0dba3d7c` Request headers :path /assets/vendor/%40fortawesome/fontawesome-free/css/all.min.css pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Fri, 23 Nov 2018 00:27:54 GMT server nginx x-powered-by PleskLin etag "5bf7498a-bdd9" content-type text/css status 200 accept-ranges bytes content-length 48601
GET H2	200	argone209.css halkbankparaf-com-tr.tk/assets/css/	338 KB 338 KB	41ms 38ms	Stylesheet text/css	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/css/argone209.css?v=1.0.0 Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `7f9a51253516aa02e864900b9ab610f05fabb57414db0c26425adf8fad18af99` Request headers :path /assets/css/argone209.css?v=1.0.0 pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Sat, 17 Nov 2018 19:45:04 GMT server nginx x-powered-by PleskLin etag "5bf06fc0-54718" content-type text/css status 200 accept-ranges bytes content-length 345880
GET H2	404	font-awesome.min.css halkbankparaf-com-tr.tk/stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	0 0	57ms 54ms	Stylesheet text/html	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers :path /stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Mon, 11 Feb 2019 16:55:10 GMT server nginx etag "328-581a12beb6b10" content-type text/html status 404 accept-ranges bytes content-length 808
GET H2	404	sagtusengelleme1.js halkbankparaf-com-tr.tk/ic.sitekodlari.com/	0 0	73ms 70ms	Script text/html	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/ic.sitekodlari.com/sagtusengelleme1.js Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / Resource Hash Request headers :path /ic.sitekodlari.com/sagtusengelleme1.js pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Mon, 11 Feb 2019 16:55:10 GMT server nginx etag "328-581a12beb6b10" content-type text/html status 404 accept-ranges bytes content-length 808
GET H2	200	logo_white.png halkbankparaf-com-tr.tk/assets/img/brand/	39 KB 39 KB	73ms 70ms	Image image/png	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://halkbankparaf-com-tr.tk/assets/img/brand/logo_white.png Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `4a5619fdf5f89ff7125640de0ae0c14f77f9107600c71cd1b15728d9b092f279` Request headers :path /assets/img/brand/logo_white.png pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Sat, 17 Nov 2018 19:48:40 GMT server nginx x-powered-by PleskLin etag "5bf07098-9a4e" content-type image/png status 200 accept-ranges bytes content-length 39502
GET H2	200	jquery.min.js Show response halkbankparaf-com-tr.tk/assets/vendor/jquery/dist/	85 KB 85 KB	72ms 70ms	Script application/javascript	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/vendor/jquery/dist/jquery.min.js Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers :path /assets/vendor/jquery/dist/jquery.min.js pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Wed, 07 Nov 2018 11:20:58 GMT server nginx x-powered-by PleskLin etag "5be2ca9a-1538f" content-type application/javascript status 200 accept-ranges bytes content-length 86927
GET H2	200	bootstrap.bundle.min.js Show response halkbankparaf-com-tr.tk/assets/vendor/bootstrap/dist/js/	69 KB 70 KB	72ms 70ms	Script application/javascript	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/vendor/bootstrap/dist/js/bootstrap.bundle.min.js Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e` Request headers :path /assets/vendor/bootstrap/dist/js/bootstrap.bundle.min.js pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Wed, 07 Nov 2018 11:20:58 GMT server nginx x-powered-by PleskLin etag "5be2ca9a-11536" content-type application/javascript status 200 accept-ranges bytes content-length 70966
GET H2	200	argone209.js Show response halkbankparaf-com-tr.tk/assets/js/	21 KB 21 KB	72ms 70ms	Script application/javascript	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/js/argone209.js?v=1.0.0 Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `217b28579dc38ad194df02152faa041bf9f63e142c0e52ca9d06bf8b79fe1702` Request headers :path /assets/js/argone209.js?v=1.0.0 pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Wed, 07 Nov 2018 11:20:58 GMT server nginx x-powered-by PleskLin etag "5be2ca9a-5316" content-type application/javascript status 200 accept-ranges bytes content-length 21270
GET H2	200	creditly.js Show response halkbankparaf-com-tr.tk/js/	14 KB 14 KB	56ms 54ms	Script application/javascript	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/js/creditly.js Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `87f22c41dbcb26bad91fbaf973d978ab76cd68a768ad20b3a3596c9277cb113c` Request headers :path /js/creditly.js pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/ :scheme https :method GET Referer https://halkbankparaf-com-tr.tk/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Sat, 28 Jan 2017 11:23:30 GMT server nginx x-powered-by PleskLin etag "588c7f32-36e6" content-type application/javascript status 200 accept-ranges bytes content-length 14054
GET H2	200	fa-solid-900.woff2 halkbankparaf-com-tr.tk/assets/vendor/%40fortawesome/fontawesome-free/webfonts/	66 KB 66 KB	27ms 26ms	Font application/octet-stream	35.204.89.91 Google LLC
General Check archive.org Show headers Download Go to Full URL https://halkbankparaf-com-tr.tk/assets/vendor/%40fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 Requested by Host: halkbankparaf-com-tr.tk URL: https://halkbankparaf-com-tr.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.204.89.91 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 91.89.204.35.bc.googleusercontent.com Software nginx / PleskLin Resource Hash `ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d` Request headers :path /assets/vendor/%40fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2 pragma no-cache origin https://halkbankparaf-com-tr.tk accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority halkbankparaf-com-tr.tk referer https://halkbankparaf-com-tr.tk/assets/vendor/%40fortawesome/fontawesome-free/css/all.min.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://halkbankparaf-com-tr.tk/assets/vendor/%40fortawesome/fontawesome-free/css/all.min.css Origin https://halkbankparaf-com-tr.tk Response headers date Mon, 11 Feb 2019 17:12:28 GMT last-modified Wed, 07 Nov 2018 11:20:58 GMT server nginx x-powered-by PleskLin etag "5be2ca9a-10748" content-type application/octet-stream status 200 accept-ranges bytes content-length 67400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDDK (Banking) Halkbank (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

halkbankparaf-com-tr.tk
35.204.89.91
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
217b28579dc38ad194df02152faa041bf9f63e142c0e52ca9d06bf8b79fe1702
4a5619fdf5f89ff7125640de0ae0c14f77f9107600c71cd1b15728d9b092f279
6c245a583bd87407a2e9f06a3c76ef0676754cea56f93cda241880b6ddf0cc02
7f9a51253516aa02e864900b9ab610f05fabb57414db0c26425adf8fad18af99
87f22c41dbcb26bad91fbaf973d978ab76cd68a768ad20b3a3596c9277cb113c
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
ccefef3a6bf68bc2f4c4a07dc485ea19327322e99615fe5f684e49bcd1cb7c78
fa46b08d81776605f51b6200b0ba49d04af5a759713d54403368ca8b0dba3d7c

halkbankparaf-com-tr.tk Open in urlscan Pro 35.204.89.91 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

698 kBTransfer

696 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

0 Cookies

Indicators

halkbankparaf-com-tr.tk Open in urlscan Pro
35.204.89.91 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

698 kB
Transfer

696 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!