greatpartnersturkey.com Open in urlscan Pro
159.253.46.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr
Effective URL:
https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutl...
Submission: On January 25 via manual (January 25th 2021, 6:36:03 pm UTC) from US

Summary HTTP 20 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 159.253.46.18, located in Turkey and belongs to NETINTERNET Netinternet Bilisim Teknolojileri AS, TR. The main domain is greatpartnersturkey.com.
TLS certificate: Issued by R3 on December 21st 2020. Valid for: 3 months.

This is the only time greatpartnersturkey.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.113 207.211.31.113	14135 (NAVISITE-...) (NAVISITE-EAST-2)
4	85.25.105.203 85.25.105.203	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5 17	159.253.46.18 159.253.46.18	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
20	6

2 207.211.31.113 (United States) 2 redirects

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.25.105.203 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: s1.unijobs.gr

www.fmn.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 159.253.46.18 (Turkey) 5 redirects

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: rdn.zemta.com.tr

www.spkd.org.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greatpartnersturkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	greatpartnersturkey.com 3 redirects greatpartnersturkey.com	62 KB
4	spkd.org.tr 2 redirects www.spkd.org.tr	1 KB
4	fmn.gr www.fmn.gr	161 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	mimecast.com 2 redirects protect-us.mimecast.com	1 KB
1	google.com www.google.com
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	6 KB
20	7

	Domain	Requested by
13	greatpartnersturkey.com	3 redirects greatpartnersturkey.com
4	www.spkd.org.tr	2 redirects www.fmn.gr
4	www.fmn.gr	www.fmn.gr
2	protect-us.mimecast.com	2 redirects
1	www.google.com	www.spkd.org.tr
1	ajax.googleapis.com	www.fmn.gr
1	maxcdn.bootstrapcdn.com	www.fmn.gr
1	fonts.googleapis.com	www.fmn.gr
20	8

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
fmn.gr cPanel, Inc. Certification Authority	`2020-11-22` - `2021-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
spkd.org.tr R3	`2020-12-21` - `2021-03-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
greatpartnersturkey.com R3	`2020-12-21` - `2021-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
Frame ID: 0AFD7402366BC24AB9AC4C26047720E1
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr HTTP 307
https://protect-us.mimecast.com/redirect/eNpVUmtvmzAU_SvI-xqI7dhgom1Km7XN2i1dm6Vdo0gIjHmkvGqboW7af98li6YNC2T... HTTP 307
https://www.fmn.gr/ Page URL
https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20= HTTP 302
https://www.spkd.org.tr/account/register/bWR1cmFuZEBjZG10Zy5jb20= HTTP 302
https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5... Page URL
https://www.spkd.org.tr/account/check.php Page URL
https://greatpartnersturkey.com/Office/?email=bWR1cmFuZEBjZG10Zy5jb20%3D HTTP 302
https://greatpartnersturkey.com/Office/index.php?csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzN... HTTP 302
https://greatpartnersturkey.com/Office/New/auth?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=... HTTP 302
https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_ur... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

20
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

258 kB
Transfer

416 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr HTTP 307
https://protect-us.mimecast.com/redirect/eNpVUmtvmzAU_SvI-xqI7dhgom1Km7XN2i1dm6Vdo0gIjHmkvGqboW7af98li6YNC2TOveeYcy4_kZadRXOUdLG2ukxztZBpbXNPtjWaoKqVaE4mSCupys7aslbw7hPCQ8FmGC6oAZ9OkDJliuYsCCj1R9jWdt2m0I4woSBVdrD1mRcIjwmPCB-w2uQjCb3Nnh4eb59vvoQ31RCu1quH7dMqvxMbPyOrqjxXirxk_d11iBdWyaIru3b8wPcg0Y0ClPEJ6nUFUoW1nZnvp_vpMAxeVjdervfTN8njPZH1Zb-7OD_srgjevfJDQvE7UFCj_zySrop6g0kE5qLvKTxdP1puN2chOwOEYkowrIgyaLNK18IFYy7DXIBhAUKJOQbRxZAZ-suEQizHI5aFks_b-08A5P3R9m33bbO9Vh_Xm6vkhRL_ghdJMUBdwgltrbT8E-C_WqaOTQEYF0mIAxGGnBFCfJbxFKecBizAQSx5kgom4xlPR0qTamDoOInVj4XJ66SKh9OAtcrLtoFqp1uI1rq98WqYsoyNPbWYPjkcp8iJYCJwXGdGg5CyuXNZNnHlLD84Waudr70yafzqYLKfUh9uCMyRVWvKJvfQ8X_43PbN6PuU3zEy-X9Yv34D2G3AqA HTTP 307
https://www.fmn.gr/ Page URL
https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20= HTTP 302
https://www.spkd.org.tr/account/register/bWR1cmFuZEBjZG10Zy5jb20= HTTP 302
https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20= Page URL
https://www.spkd.org.tr/account/check.php Page URL
https://greatpartnersturkey.com/Office/?email=bWR1cmFuZEBjZG10Zy5jb20%3D HTTP 302
https://greatpartnersturkey.com/Office/index.php?csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw== HTTP 302
https://greatpartnersturkey.com/Office/New/auth?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&protectedtoken=true&domain_hint=cdmtg.com&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw== HTTP 302
https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr HTTP 307
https://protect-us.mimecast.com/redirect/eNpVUmtvmzAU_SvI-xqI7dhgom1Km7XN2i1dm6Vdo0gIjHmkvGqboW7af98li6YNC2TOveeYcy4_kZadRXOUdLG2ukxztZBpbXNPtjWaoKqVaE4mSCupys7aslbw7hPCQ8FmGC6oAZ9OkDJliuYsCCj1R9jWdt2m0I4woSBVdrD1mRcIjwmPCB-w2uQjCb3Nnh4eb59vvoQ31RCu1quH7dMqvxMbPyOrqjxXirxk_d11iBdWyaIru3b8wPcg0Y0ClPEJ6nUFUoW1nZnvp_vpMAxeVjdervfTN8njPZH1Zb-7OD_srgjevfJDQvE7UFCj_zySrop6g0kE5qLvKTxdP1puN2chOwOEYkowrIgyaLNK18IFYy7DXIBhAUKJOQbRxZAZ-suEQizHI5aFks_b-08A5P3R9m33bbO9Vh_Xm6vkhRL_ghdJMUBdwgltrbT8E-C_WqaOTQEYF0mIAxGGnBFCfJbxFKecBizAQSx5kgom4xlPR0qTamDoOInVj4XJ66SKh9OAtcrLtoFqp1uI1rq98WqYsoyNPbWYPjkcp8iJYCJwXGdGg5CyuXNZNnHlLD84Waudr70yafzqYLKfUh9uCMyRVWvKJvfQ8X_43PbN6PuU3zEy-X9Yv34D2G3AqA HTTP 307
https://www.fmn.gr/

Request Chain 7

https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20= HTTP 302
https://www.spkd.org.tr/account/register/bWR1cmFuZEBjZG10Zy5jb20= HTTP 302
https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
www.fmn.gr/
Redirect Chain

https://protect-us.mimecast.com/s/KbACClYpRRsBYW0FGRkSt?domain=fmn.gr
https://protect-us.mimecast.com/redirect/eNpVUmtvmzAU_SvI-xqI7dhgom1Km7XN2i1dm6Vdo0gIjHmkvGqboW7af98li6YNC2TOveeYcy4_kZadRXOUdLG2ukxztZBpbXNPtjWaoKqVaE4mSCupys7aslbw7hPCQ8FmGC6oAZ9OkDJliuYsCCj1R9jW...
https://www.fmn.gr/

56 KB
56 KB

257ms
189ms

Document
text/html

85.25.105.203
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fmn.gr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.105.203 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: s1.unijobs.gr
Software: Apache /
Resource Hash

Request headers

Host: www.fmn.gr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:36:53 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 25 Jan 2021 18:35:44 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.fmn.gr/#bWR1cmFuZEBjZG10Zy5jb20=
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK style.min.css
www.fmn.gr/wp-includes/css/dist/block-library/ 29 KB
29 KB 31ms
10ms Stylesheet
text/css 85.25.105.203
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fmn.gr/wp-includes/css/dist/block-library/style.min.css?ver=5.2.9
Requested by: Host: www.fmn.gr
URL: https://www.fmn.gr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.105.203 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: s1.unijobs.gr
Software: Apache /
Resource Hash

Request headers

Referer: https://www.fmn.gr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:36:53 GMT
Last-Modified: Wed, 06 Nov 2019 10:27:33 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29295

GET
H2 200 css
fonts.googleapis.com/ 6 KB
791 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C700&subset=latin%2Cgreek&ver=5.2.9

Requested by

Host: www.fmn.gr
URL: https://www.fmn.gr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.fmn.gr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 18:35:44 GMT
server: ESF
date: Mon, 25 Jan 2021 18:35:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jan 2021 18:35:44 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 26ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css?ver=5.2.9

Requested by

Host: www.fmn.gr
URL: https://www.fmn.gr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fmn.gr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H/1.1 200
OK style.css
www.fmn.gr/wp-content/themes/fmn/assets/css/ 35 KB
36 KB 33ms
11ms Stylesheet
text/css 85.25.105.203
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fmn.gr/wp-content/themes/fmn/assets/css/style.css?v=3.2.7&ver=5.2.9
Requested by: Host: www.fmn.gr
URL: https://www.fmn.gr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.105.203 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: s1.unijobs.gr
Software: Apache /
Resource Hash

Request headers

Referer: https://www.fmn.gr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:36:53 GMT
Last-Modified: Wed, 06 Nov 2019 10:39:59 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 36123

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js?ver=5.2.9

Requested by

Host: www.fmn.gr
URL: https://www.fmn.gr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fmn.gr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 16:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7959
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jan 2022 16:23:05 GMT

GET
H/1.1 200
OK scripts.js
www.fmn.gr/wp-content/themes/fmn/assets/js/ 41 KB
41 KB 48ms
10ms Script
application/javascript 85.25.105.203
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fmn.gr/wp-content/themes/fmn/assets/js/scripts.js?ver=5.2.9
Requested by: Host: www.fmn.gr
URL: https://www.fmn.gr/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.105.203 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: s1.unijobs.gr
Software: Apache /
Resource Hash

Request headers

Referer: https://www.fmn.gr/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:36:53 GMT
Last-Modified: Wed, 06 Nov 2019 10:40:06 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 41521

GET
H2

200

MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20= Show response
www.spkd.org.tr/account/confirm/
Redirect Chain

https://www.spkd.org.tr/account/token/referrer=bWR1cmFuZEBjZG10Zy5jb20=
https://www.spkd.org.tr/account/register/bWR1cmFuZEBjZG10Zy5jb20=
https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=

1 KB
500 B

355ms
355ms

Document
text/html

159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
Requested by: Host: www.fmn.gr
URL: https://www.fmn.gr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: rdn.zemta.com.tr
Software: Apache /
Resource Hash: 79516aa7cd03b5a959ad677e00f22fa20ef6c32ee9247147e953808274f6869c

Request headers

:method: GET
:authority: www.spkd.org.tr
:scheme: https
:path: /account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.fmn.gr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=4r0v29bhdb45q8h9fkbdu2n6v1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.fmn.gr/#bWR1cmFuZEBjZG10Zy5jb20=

Response headers

date: Mon, 25 Jan 2021 18:35:41 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
content-length: 467
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 25 Jan 2021 18:35:41 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=4r0v29bhdb45q8h9fkbdu2n6v1; path=/
location: ../confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8

GET
H2 400 api.js
www.google.com/recaptcha/ 0
0 46ms
45ms Script
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/recaptcha/api.js?render=6LdMzbMUAAAAAHe22iLJ2WEfP0S1tBFI6np7oWSG
Requested by: Host: www.spkd.org.tr
URL: https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 check.php Show response
www.spkd.org.tr/account/ 259 B
243 B 528ms
528ms Document
text/html 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.spkd.org.tr/account/check.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: rdn.zemta.com.tr
Software: Apache /
Resource Hash: a305cb75f70fa602fa3df230cf2e69f06cb7ee859e88cf22a724761a06214776

Request headers

:method: POST
:authority: www.spkd.org.tr
:scheme: https
:path: /account/check.php
content-length: 47
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.spkd.org.tr
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.spkd.org.tr
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.spkd.org.tr/account/confirm/MTYxMTU5OTc0MWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE6bWR1cmFuZEBjZG10Zy5jb20=

Response headers

date: Mon, 25 Jan 2021 18:35:44 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=vdh4aa8g9tl58b1315hm5bm695; path=/
vary: Accept-Encoding
content-encoding: br
content-length: 151
content-type: text/html; charset=UTF-8

GET
H2

200

Primary Request signin Show response
greatpartnersturkey.com/Office/New/
Redirect Chain

https://greatpartnersturkey.com/Office/?email=bWR1cmFuZEBjZG10Zy5jb20%3D
https://greatpartnersturkey.com/Office/index.php?csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==
https://greatpartnersturkey.com/Office/New/auth?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-00000000000...
https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000...

11 KB
2 KB

90ms
89ms

Document
text/html

159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL

https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

5c8a50038a944c9098939202a6a9330f3266a3a7be235f7c2cbc8d4a56098864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: greatpartnersturkey.com
:scheme: https
:path: /Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.spkd.org.tr/account/check.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=lqebjh8519s7ehm36cj8rokj07
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.spkd.org.tr/account/check.php

Response headers

date: Mon, 25 Jan 2021 18:35:46 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2141
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 25 Jan 2021 18:35:45 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
vary: Accept-Encoding
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1
content-type: text/html; charset=UTF-8

GET
H2 200 login.css
greatpartnersturkey.com/Office/New/lib/css/ 99 KB
16 KB 131ms
128ms Stylesheet
text/css 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL

https://greatpartnersturkey.com/Office/New/lib/css/login.css

Requested by

Host: greatpartnersturkey.com
URL: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

968d3f29171b0c97399611fbcd07bc81db0253fd91ec36dc456d08bb94b9bac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 07:43:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16397
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 53_8b36337037cff88c3df203bb73d58e41.png
greatpartnersturkey.com/Office/New/lib/img/ 5 KB
5 KB 254ms
252ms Image
image/png 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/53_8b36337037cff88c3df203bb73d58e41.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:06:00 GMT
server: Apache
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5139
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
greatpartnersturkey.com/Office/New/lib/img/ 4 KB
1 KB 274ms
272ms Image
image/svg+xml 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:08:46 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1375
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg
greatpartnersturkey.com/Office/New/lib/img/ 2 KB
621 B 273ms
271ms Image
image/svg+xml 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/documentation_bcb4d1dc4eae64f0b2b2538209d8435a.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:24:32 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 562
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg
greatpartnersturkey.com/Office/New/lib/img/ 915 B
279 B 273ms
271ms Image
image/svg+xml 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/ellipsis_white_5ac590ee72bfe06a7cecfd75b588ad73.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 07:45:34 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 221
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg
greatpartnersturkey.com/Office/New/lib/img/ 915 B
295 B 272ms
271ms Image
image/svg+xml 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 07:45:44 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 225
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 login.css
greatpartnersturkey.com/Office/New/lib/css/ 0
16 KB 275ms
272ms Other
text/css 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL

https://greatpartnersturkey.com/Office/New/lib/css/login.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 07:43:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16397
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
greatpartnersturkey.com/Office/New/lib/img/ 987 B
1 KB 253ms
252ms Image
image/jpeg 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:00:48 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 987
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

GET
H2 200 49_7916a894ebde7d29c2cc29b267f1299f.jpg
greatpartnersturkey.com/Office/New/lib/img/ 17 KB
17 KB 221ms
220ms Image
image/jpeg 159.253.46.18
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://greatpartnersturkey.com/Office/New/lib/img/49_7916a894ebde7d29c2cc29b267f1299f.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.253.46.18 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),

Reverse DNS

rdn.zemta.com.tr

Software

Apache /

Resource Hash

d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatpartnersturkey.com/Office/New/signin?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=cbe5f539-6500-4465-ad5c-3ea9f5aa9297&key=d8mmi1mX9PUzIBW4&email=mdurand@cdmtg.com&csrftoken=MTYxMTU5OTc0NWY2ZGE5MmNhNzcyZjA0MWM1ZGZjZWRkNjYzNTYzMmU1ZjE5ZmE4MzE5MTFhZDE1MGFhOTU1MWJjNDY3NGEzODI2MGJmYmYyNw==&xemail
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:35:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 08:00:58 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17453
x-xss-protection: 1; mode=block
expires: Mon, 01 Feb 2021 18:35:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			greatpartnersturkey.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lqebjh8519s7ehm36cj8rokj07

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.fmn.gr/(Line 18) Message: mdurand@cdmtg.com
console-api	log	URL: https://www.fmn.gr/(Line 20) Message: mdurand@cdmtg.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
greatpartnersturkey.com
maxcdn.bootstrapcdn.com
protect-us.mimecast.com
www.fmn.gr
www.google.com
www.spkd.org.tr
159.253.46.18
2001:4de0:ac19::1:b:1a
207.211.31.113
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:827::200a
85.25.105.203
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
5c8a50038a944c9098939202a6a9330f3266a3a7be235f7c2cbc8d4a56098864
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
79516aa7cd03b5a959ad677e00f22fa20ef6c32ee9247147e953808274f6869c
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
968d3f29171b0c97399611fbcd07bc81db0253fd91ec36dc456d08bb94b9bac7
a305cb75f70fa602fa3df230cf2e69f06cb7ee859e88cf22a724761a06214776
a76c08e9cdc3bb87bfb57627ad8f6b46f0e5ef826cc7f046dfbaf25d7b7958ea
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

greatpartnersturkey.com Open in urlscan Pro 159.253.46.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

6 IPs

4 Countries

258 kBTransfer

416 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

greatpartnersturkey.com Open in urlscan Pro
159.253.46.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

258 kB
Transfer

416 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!