greatpartnersturkey.com
159.253.46.18
Malicious Activity! (public scan)
Effective URL: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutl...
Submission: On January 25 via manual from US
Summary
TLS certificate: Issued by R3 (the Let's Encrypt intermediate) on December 21st 2020. Valid for: 3 months.
This is the only time greatpartnersturkey.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)

Domain & IP information
Request counts include redirects; the first column is how many of those requests were redirects.

Redirects | Requests | IP address | AS (Autonomous System) |
---|---|---|---|
2 | 2 | 207.211.31.113 | 14135 (NAVISITE-EAST-2) |
| 4 | 85.25.105.203 | 8972 (GD-EMEA-DC-SXB1) |
| 1 | 2a00:1450:4001:802::200a | 15169 (GOOGLE) |
| 1 | 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) |
| 1 | 2a00:1450:4001:827::200a | 15169 (GOOGLE) |
5 | 17 | 159.253.46.18 | 51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS) |
| 1 | 2a00:1450:4001:801::2004 | 15169 (GOOGLE) |
Totals as shown on the page: 20 | 6

ASN14135 (NAVISITE-EAST-2, US). PTR: service165-us.mimecast.com. Domain: protect-us.mimecast.com
ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR). PTR: rdn.zemta.com.tr. Domains: www.spkd.org.tr, greatpartnersturkey.com

Both www.spkd.org.tr and greatpartnersturkey.com sit on 159.253.46.18, the only address in ASN51559 the scan contacted: the redirector and the credential-harvesting page share a host.
Apex domain | Subdomains | Transfer | Requests (incl. redirects) |
---|---|---|---|
greatpartnersturkey.com (3 redirects) | greatpartnersturkey.com | 62 KB | 13 |
spkd.org.tr (2 redirects) | www.spkd.org.tr | 1 KB | 4 |
fmn.gr | www.fmn.gr | 161 KB | 4 |
googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 30 KB | 2 |
mimecast.com (2 redirects) | protect-us.mimecast.com | 1 KB | 2 |
google.com | www.google.com | | 1 |
bootstrapcdn.com | maxcdn.bootstrapcdn.com | 6 KB | 1 |
Totals: 20 HTTP transactions, 7 apex domains
Requests (incl. redirects) | Domain | Requested by |
---|---|---|
13 | greatpartnersturkey.com (3 redirects) | greatpartnersturkey.com |
4 | www.spkd.org.tr (2 redirects) | www.fmn.gr |
4 | www.fmn.gr | www.fmn.gr |
2 | protect-us.mimecast.com (2 redirects) | (initial navigation) |
1 | www.google.com | www.spkd.org.tr |
1 | ajax.googleapis.com | www.fmn.gr |
1 | maxcdn.bootstrapcdn.com | www.fmn.gr |
1 | fonts.googleapis.com | www.fmn.gr |
Totals: 20 HTTP transactions, 8 subdomains
This site contains links to these domains. Also see Links.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
fmn.gr | cPanel, Inc. Certification Authority | 2020-11-22 - 2021-02-20 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year |
spkd.org.tr | R3 | 2020-12-21 - 2021-03-21 | 3 months |
www.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
greatpartnersturkey.com | R3 | 2020-12-21 - 2021-03-21 | 3 months |

spkd.org.tr and greatpartnersturkey.com carry certificates from the same issuer (R3, Let's Encrypt) with the same validity window (2020-12-21 to 2021-03-21) and resolve to the same IP. That is consistent with both being served from one hosting account, whether a shared host renewing certificates in a batch or a single attacker setup; either way the redirector and the harvesting page share infrastructure. The certificate was issued about five weeks before the January 25 submission.
This page contains 1 frame:
Primary Page:
https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
Frame ID: 0AFD7402366BC24AB9AC4C26047720E1
Requests: 20 HTTP requests in this frame
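The primary-page URL above carries the complete parameter set of an Azure AD authorize request (client_id, redirect_uri, resource, response_mode, response_type, scope=openid; the client_id 00000002-0000-0ff1-ce00-000000000000 is the Office 365 Exchange Online application and redirect_uri is Outlook Web App) on a host that is not Microsoft's, with the victim's address appended. The script below is an added example, not part of the urlscan report, and shows how to turn that pattern into a check that can run over proxy or mail-gateway URL logs. The allow-list of Microsoft sign-in hosts, the redirect-target suffixes and the three-parameter threshold are assumptions made for the example; the scan URL is the one recorded on this page, while the two comparison URLs are constructed.

```python
from urllib.parse import parse_qs, urlsplit

# Hosts that legitimately serve Microsoft sign-in pages. Assumption for this
# example: add your own federation endpoints (ADFS and the like) before running
# it over proxy logs, or every SSO redirect will be flagged.
MICROSOFT_LOGIN_HOSTS = {
    "login.microsoftonline.com",
    "login.microsoftonline.us",
    "login.microsoft.com",
    "login.windows.net",
    "login.live.com",
}

# Where a genuine Microsoft authorize request sends the browser back to.
MICROSOFT_APP_SUFFIXES = (".office365.com", ".office.com", ".microsoft.com", ".live.com")

# Query parameters of an OAuth 2.0 / OpenID Connect authorize request.
AUTHZ_PARAMS = {"client_id", "redirect_uri", "response_type", "response_mode", "scope", "resource"}

# Parameters phishing kits use to pre-fill the victim's address.
HINT_PARAMS = ("email", "login_hint", "username")


def host_of(url):
    """Lower-cased host name of url, or '' if it cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""


def is_microsoft_login_host(host):
    """True for an allow-listed sign-in host or any of its subdomains."""
    return host in MICROSOFT_LOGIN_HOSTS or any(host.endswith("." + h) for h in MICROSOFT_LOGIN_HOSTS)


def classify(url):
    """Return the reasons url looks like a cloned Microsoft sign-in page (empty list: no finding)."""
    host = host_of(url)
    if not host or is_microsoft_login_host(host):
        return []
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    reasons = []

    # 1. A lookalike reproduces the authorize-request parameters on a foreign host.
    present = sorted(AUTHZ_PARAMS & query.keys())
    if len(present) >= 3:
        reasons.append(f"authorize-request parameters on non-Microsoft host {host}: {', '.join(present)}")

    # 2. The redirect target names Microsoft although Microsoft never served the form.
    for target in query.get("redirect_uri", []):
        target_host = host_of(target)
        if target_host.endswith(MICROSOFT_APP_SUFFIXES):
            reasons.append(f"redirect_uri names Microsoft ({target_host}) but the form is served by {host}")

    # 3. The victim's address is carried in the URL so the form opens pre-filled.
    for name in HINT_PARAMS:
        if any("@" in value for value in query.get(name, [])):
            reasons.append(f"victim address pre-filled through {name}=")

    return reasons


# Recorded by this scan: the primary page URL, verbatim.
SCAN_URL = (
    "https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000"
    "&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000"
    "&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0"
    "&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com"
    "&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail"
)
# Constructed for this example: the same request on the real endpoint.
LEGIT_URL = (
    "https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000"
    "&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&response_type=code+id_token&scope=openid"
)
# Constructed: an unrelated site with a single OAuth-looking parameter, must not fire.
BENIGN_URL = "https://example.com/login?client_id=web&next=%2Fhome"

if __name__ == "__main__":
    for url in (SCAN_URL, LEGIT_URL, BENIGN_URL):
        print(host_of(url), classify(url) or "no finding")
```

The host check comes first on purpose: nothing about the query string is trusted, so a genuine login.microsoftonline.com request with every parameter present is never a finding, and a lookalike is judged on the combination of Microsoft-shaped parameters plus a non-Microsoft host. Subdomain matching uses a leading dot so that login.microsoftonline.com.evil.example does not pass.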
Detected technologies
Apache (Web Servers)
Detected pattern: response header server matched by /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
- Terms of use
- Privacy & cookies
These are the two footer links of the cloned sign-in page; per the Links section above they point at www.microsoft.com and privacy.microsoft.com, so the kit keeps Microsoft's genuine footer while harvesting on its own host.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

- https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr (HTTP 307)
  -> https://protect-us.mimecast.com/redirect/eNpVUmtvmzAU_SvI-xqI7dhgom1Km7XN2i1dm6Vdo0gIjHmkvGqboW7af98li6YNC2TOveeYcy4_kZadRXOUdLG2ukxztZBpbXNPtjWaoKqVaE4mSCupys7aslbw7hPCQ8FmGC6oAZ9OkDJliuYsCCj1R9jWdt2m0I4woSBVdrD1mRcIjwmPCB-w2uQjCb3Nnh4eb59vvoQ31RCu1quH7dMqvxMbPyOrqjxXirxk_d11iBdWyaIru3b8wPcg0Y0ClPEJ6nUFUoW1nZnvp_vpMAxeVjdervfTN8njPZH1Zb-7OD_srgjevfJDQvE7UFCj_zySrop6g0kE5qLvKTxdP1puN2chOwOEYkowrIgyaLNK18IFYy7DXIBhAUKJOQbRxZAZ-suEQizHI5aFks_b-08A5P3R9m33bbO9Vh_Xm6vkhRL_ghdJMUBdwgltrbT8E-C_WqaOTQEYF0mIAxGGnBFCfJbxFKecBizAQSx5kgom4xlPR0qTamDoOInVj4XJ66SKh9OAtcrLtoFqp1uI1rq98WqYsoyNPbWYPjkcp8iJYCJwXGdGg5CyuXNZNnHlLD84Waudr70yafzqYLKfUh9uCMyRVWvKJvfQ8X_43PbN6PuU3zEy-X9Yv34D2G3AqA (HTTP 307)
  -> https://www.fmn.gr/ (Page URL)
- https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20= (HTTP 302)
  -> https://www.spkd.org.tr/account/register/bWR1cmFuZEBjZG10Zy5jb20= (HTTP 302)
  -> https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20= (Page URL)
- https://www.spkd.org.tr/account/check.php (Page URL)
- https://greatpartnersturkey.com/Office/?email=bWR1cmFuZEBjZG10Zy5jb20%3D (HTTP 302)
  -> https://greatpartnersturkey.com/Office/index.php?csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw== (HTTP 302)
  -> https://greatpartnersturkey.com/Office/New/auth?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&protectedtoken=true&domain_hint=cdmtg.com&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw== (HTTP 302)
  -> https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail (Page URL)

Reading the chain: the entry point is a Mimecast URL Protect link (protect-us.mimecast.com/s/...?domain=fmn.gr), that is, the recipient's mail gateway had rewritten the lure's link to fmn.gr and, on click, passed it through with two 307s rather than blocking it. www.fmn.gr is a WordPress site (its wp-includes and wp-content assets load) and issued no HTTP redirect; www.spkd.org.tr is listed as requested by www.fmn.gr, so that hand-off was a client-side redirect. The spkd.org.tr steps (token/referrer=, register/, confirm/) carry the victim's address base64-encoded (bWR1cmFuZEBjZG10Zy5jb20= decodes to mdurand@cdmtg.com) plus a time-stamped token, then POST to check.php, the page that requests reCAPTCHA from www.google.com. Only after that does the visitor reach greatpartnersturkey.com/Office/, which receives the base64 address again, mints a csrftoken and lands on /Office/New/signin. That final query string copies the parameters of a genuine Azure AD authorize request for Outlook Web App (client_id 00000002-0000-0ff1-ce00-000000000000 is the Office 365 Exchange Online application, redirect_uri is outlook.office365.com/owa, domain_hint is the victim's tenant) so the URL reads like a Microsoft sign-in at a glance; the host is what matters, and nothing in this chain touches a Microsoft domain.
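The base64 strings in these URLs are worth decoding before pivoting on them. The script below is an added example, not part of the urlscan report: it takes the four token-carrying hops verbatim from the chain above, decodes every base64 path segment and query value, and splits the kit's tokens into their parts. The token layout it assumes (10-digit unix time, a hex run, an optional ':'-separated tail) is read off the decoded values of this sample and is not documented by the kit, so treat it as an observation rather than a specification.

```python
import base64
import binascii
import re
from datetime import datetime, timezone
from urllib.parse import unquote, urlsplit

# The four hops below are copied verbatim from the Page URL History of this scan.
CHAIN = [
    "https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20=",
    "https://www.spkd.org.tr/account/confirm/"
    "MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=",
    "https://greatpartnersturkey.com/Office/?email=bWR1cmFuZEBjZG10Zy5jb20%3D",
    "https://greatpartnersturkey.com/Office/index.php?csrftoken="
    "MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==",
]

# Standard base64 alphabet, at least 8 characters, optional '=' padding.
B64_RE = re.compile(r"^[A-Za-z0-9+/]{8,}={0,2}$")
# Observed shape of the decoded kit tokens: 10-digit unix time, hex run, optional ':tail'.
TOKEN_RE = re.compile(r"^(?P<ts>\d{10})(?P<hex>[0-9a-f]+)(?::(?P<tail>.+))?$")


def decode_b64(raw):
    """Return raw decoded as printable ASCII if it is valid base64, else None."""
    if not B64_RE.match(raw):
        return None
    try:
        text = base64.b64decode(raw, validate=True).decode("ascii")
    except (binascii.Error, ValueError, UnicodeDecodeError):
        return None
    return text if text.isprintable() else None


def tokens(url):
    """Map each base64 path segment or query value of url to its decoded text."""
    found = {}
    parts = urlsplit(url)
    for i, seg in enumerate(s for s in parts.path.split("/") if s):
        seg = unquote(seg)
        key, text = f"path[{i}]", decode_b64(seg)
        if text is None and "=" in seg.rstrip("="):
            # 'referrer=<b64>' is a path segment here, not a query parameter.
            key, _, val = seg.partition("=")
            text = decode_b64(val)
        if text is not None:
            found[key] = text
    for pair in parts.query.split("&"):
        # Split by hand: parse_qs would turn a '+' inside base64 into a space.
        name, _, val = pair.partition("=")
        text = decode_b64(unquote(val))
        if text is not None:
            found[name] = text
    return found


def explain(text):
    """Split a decoded token into (ISO-8601 UTC time, hex id, tail), or None."""
    m = TOKEN_RE.match(text)
    if not m:
        return None
    when = datetime.fromtimestamp(int(m["ts"]), tz=timezone.utc).isoformat()
    return when, m["hex"], m["tail"]


def common_prefix(a, b):
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return a[:n]


def shared_id(chain):
    """Hex prefix common to every time-stamped token in the chain ('' if none)."""
    hexes = []
    for url in chain:
        for text in tokens(url).values():
            info = explain(text)
            if info:
                hexes.append(info[1])
    shared = hexes[0] if hexes else ""
    for h in hexes[1:]:
        shared = common_prefix(shared, h)
    return shared


if __name__ == "__main__":
    for url in CHAIN:
        print(url.split("?")[0][:60])
        for key, text in tokens(url).items():
            info = explain(text)
            if info:
                print(f"  {key}: minted {info[0]}, id {info[1]}, tail {info[2]}")
            else:
                print(f"  {key}: {text}")
    print("id shared by spkd.org.tr and greatpartnersturkey.com:", shared_id(CHAIN))
```

Run stand-alone it shows, hop by hop, the victim address hidden in bWR1cmFuZEBjZG10Zy5jb20=, the spkd.org.tr confirm token minted at 2021-01-25 18:35:41 UTC, and the greatpartnersturkey.com csrftoken minted four seconds later. Both tokens start with the same 40 hex digits, f6da92ca772f041c5dfcedd6635632e5f19fa831 (the csrftoken appends a further 32), so the redirector and the harvesting kit share per-victim state, and the embedded times match the January 25 submission. For hunting, that per-victim id is useless as an indicator; the structure (base64 address in the path, a 10-digit timestamp followed by hex) is what a rule should key on.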
Redirected requests
There were HTTP redirect chains for the following requests:
Request chain 0:
- https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr (HTTP 307)
- https://protect-us.mimecast.com/redirect/eNpVUmtvmzAU_SvI-xqI7dhgom1Km7XN2i1dm6Vdo0gIjHmkvGqboW7af98li6YNC2TOveeYcy4_kZadRXOUdLG2ukxztZBpbXNPtjWaoKqVaE4mSCupys7aslbw7hPCQ8FmGC6oAZ9OkDJliuYsCCj1R9jWdt2m0I4woSBVdrD1mRcIjwmPCB-w2uQjCb3Nnh4eb59vvoQ31RCu1quH7dMqvxMbPyOrqjxXirxk_d11iBdWyaIru3b8wPcg0Y0ClPEJ6nUFUoW1nZnvp_vpMAxeVjdervfTN8njPZH1Zb-7OD_srgjevfJDQvE7UFCj_zySrop6g0kE5qLvKTxdP1puN2chOwOEYkowrIgyaLNK18IFYy7DXIBhAUKJOQbRxZAZ-suEQizHI5aFks_b-08A5P3R9m33bbO9Vh_Xm6vkhRL_ghdJMUBdwgltrbT8E-C_WqaOTQEYF0mIAxGGnBFCfJbxFKecBizAQSx5kgom4xlPR0qTamDoOInVj4XJ66SKh9OAtcrLtoFqp1uI1rq98WqYsoyNPbWYPjkcp8iJYCJwXGdGg5CyuXNZNnHlLD84Waudr70yafzqYLKfUh9uCMyRVWvKJvfQ8X_43PbN6PuU3zEy-X9Yv34D2G3AqA (HTTP 307)
- https://www.fmn.gr/
- https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20= (HTTP 302)
- https://www.spkd.org.tr/account/register/bWR1cmFuZEBjZG10Zy5jb20= (HTTP 302)
- https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
20 HTTP transactions

# | Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|---|
1 | GET | HTTP/1.1 | / | www.fmn.gr/ (redirect chain) | 56 KB | 56 KB | Document | text/html |
2 | GET | HTTP/1.1 | style.min.css | www.fmn.gr/wp-includes/css/dist/block-library/ | 29 KB | 29 KB | Stylesheet | text/css |
3 | GET | HTTP/2 | css | fonts.googleapis.com/ | 6 KB | 791 B | Stylesheet | text/css |
4 | GET | HTTP/2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ | 26 KB | 6 KB | Stylesheet | text/css |
5 | GET | HTTP/1.1 | style.css | www.fmn.gr/wp-content/themes/fmn/assets/css/ | 35 KB | 36 KB | Stylesheet | text/css |
6 | GET | HTTP/2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.1.4/ | 82 KB | 29 KB | Script | text/javascript |
7 | GET | HTTP/1.1 | scripts.js | www.fmn.gr/wp-content/themes/fmn/assets/js/ | 41 KB | 41 KB | Script | application/javascript |
8 | GET | HTTP/2 | MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20= | www.spkd.org.tr/account/confirm/ (redirect chain) | 1 KB | 500 B | Document | text/html |
9 | GET | HTTP/2 | api.js | www.google.com/recaptcha/ | 0 | 0 | Script | text/html |
10 | POST | HTTP/2 | check.php | www.spkd.org.tr/account/ | 259 B | 243 B | Document | text/html |
11 | GET | HTTP/2 | signin (primary request) | greatpartnersturkey.com/Office/New/ (redirect chain) | 11 KB | 2 KB | Document | text/html |
12 | GET | HTTP/2 | login.css | greatpartnersturkey.com/Office/New/lib/css/ | 99 KB | 16 KB | Stylesheet | text/css |
13 | GET | HTTP/2 | 53_8b36337037cff88c3df203bb73d58e41.png | greatpartnersturkey.com/Office/New/lib/img/ | 5 KB | 5 KB | Image | image/png |
14 | GET | HTTP/2 | microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg | greatpartnersturkey.com/Office/New/lib/img/ | 4 KB | 1 KB | Image | image/svg+xml |
15 | GET | HTTP/2 | documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg | greatpartnersturkey.com/Office/New/lib/img/ | 2 KB | 621 B | Image | image/svg+xml |
16 | GET | HTTP/2 | ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg | greatpartnersturkey.com/Office/New/lib/img/ | 915 B | 279 B | Image | image/svg+xml |
17 | GET | HTTP/2 | ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg | greatpartnersturkey.com/Office/New/lib/img/ | 915 B | 295 B | Image | image/svg+xml |
18 | GET | HTTP/2 | login.css | greatpartnersturkey.com/Office/New/lib/css/ | 0 | 16 KB | Other | text/css |
19 | GET | HTTP/2 | 49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg | greatpartnersturkey.com/Office/New/lib/img/ | 987 B | 1 KB | Image | image/jpeg |
20 | GET | HTTP/2 | 49_7916a894ebde7d29c2cc29b267f1299f.jpg | greatpartnersturkey.com/Office/New/lib/img/ | 17 KB | 17 KB | Image | image/jpeg |

Three things stand out. The 0-byte text/html reply for www.google.com/recaptcha/api.js (request 9) means the reCAPTCHA script that www.spkd.org.tr tries to load did not load in the scanner; kits put such a gate in front of the harvesting page to keep automated crawlers away from it. The only POST (request 10, check.php on spkd.org.tr, 259 B) immediately precedes the hop to greatpartnersturkey.com. And every asset of the final page (login.css, microsoft_logo_*.svg, ellipsis_*.svg, documentation_*.svg, the two JPEG backgrounds) is served from greatpartnersturkey.com/Office/New/lib/ under hashed file names that mirror the genuine Microsoft sign-in page's assets: the page was cloned and its assets hosted locally rather than fetched from Microsoft's CDN, which is why the request list shows no Microsoft domain at all.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Microsoft (Consumer)
"Consumer" is urlscan's brand label; the lure itself targets a work account: the auth hop carries domain_hint=cdmtg.com and the cloned parameters are those of an Exchange Online / Outlook Web App sign-in.

9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object: ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, trustedTypes
function: showDirectoryPicker, showOpenFilePicker, showSaveFilePicker
boolean: crossOriginIsolated
All nine are properties the scanning browser itself exposes (CSS transition event handlers, the Cookie Store and File System Access APIs, Trusted Types, crossOriginIsolated), not variables the page defined; they only show that urlscan's baseline list lagged the Chrome build used for the scan and carry no fingerprint of the kit.
1 Cookie
Cookies are small pieces of information stored in the user's browser. On every later visit the browser sends the cookie values back, which lets the site re-identify the user even from a different location; this is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
greatpartnersturkey.com/ | | PHPSESSID | lqebjh8519s7ehm36cj8rokj07 |
The PHPSESSID session cookie, together with index.php in the redirect chain, shows the kit is plain PHP; the csrftoken and key values in its URLs are the kit's own per-visit state, not anything issued by Microsoft.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fonts.googleapis.com
greatpartnersturkey.com
maxcdn.bootstrapcdn.com
protect-us.mimecast.com
www.fmn.gr
www.google.com
www.spkd.org.tr
159.253.46.18
2001:4de0:ac19::1:b:1a
207.211.31.113
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:827::200a
85.25.105.203