www-enpara-ramazankampanyasi-com-tr.ml
35.204.58.166 | Malicious Activity! | Public Scan

URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Submission: On May 13 via manual from TR

Summary

This website contacted 5 IPs in 5 countries across 5 domains to perform 22 HTTP transactions. The main IP is 35.204.58.166, located in Ascension Island and belongs to GOOGLE - Google LLC, US. The main domain is www-enpara-ramazankampanyasi-com-tr.ml.
This is the only time www-enpara-ramazankampanyasi-com-tr.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Finansbank (Banking)
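Added example (this code is not part of the urlscan report): a small set of heuristics that spell out why the scanned hostname reads as brand impersonation. Only enpara.com is taken from the scan itself; the other allowed domains, the brand terms and the free-TLD list are assumptions for illustration, and the eTLD+1 logic is deliberately naive (use the Public Suffix List in production).

```python
from urllib.parse import urlsplit

# Brand terms and the registrable domains that legitimately carry them.
# enpara.com is visible in the scan (internetsubesi.qnbfinansbank.enpara.com);
# the rest of the allow-list is an assumption for this example.
BRAND_TERMS = {"enpara", "finansbank", "qnbfinansbank"}
LEGIT_DOMAINS = {"enpara.com", "enpara.com.tr", "qnbfinansbank.com"}

# Free ccTLDs (Freenom) that historically carried a lot of throwaway phishing hosts.
FREE_TLDS = {"ml", "tk", "ga", "cf", "gq"}
# Tokens that betray a real hostname flattened into one hyphenated label ("www-brand-com-tr").
TLD_TOKENS = {"com", "net", "org", "co", "tr"}


def registrable_domain(host):
    """Naive eTLD+1 that treats 'com.tr'-style suffixes as two labels.
    Production code should use the Public Suffix List (e.g. the publicsuffix2 package)."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and labels[-2] in {"com", "net", "org", "gov", "edu"} and len(labels[-1]) == 2:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def impersonation_reasons(url):
    """Return the list of heuristics that fire for `url` (empty list = nothing suspicious)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    reg = registrable_domain(host)
    reasons = []

    # 1) A brand term anywhere in the host, but the registrable domain is not the brand's own.
    if any(term in host for term in BRAND_TERMS) and reg not in LEGIT_DOMAINS:
        reasons.append("brand term outside the brand's own domains")

    # 2) Dots replaced by hyphens: the first label reads like "www.<brand>.com.tr" written as one label.
    tokens = host.split(".")[0].split("-")
    if tokens[0] == "www" and any(t in TLD_TOKENS for t in tokens[1:]):
        reasons.append("hostname encoded as a single hyphenated label")

    # 3) Registered under a free ccTLD.
    if host.rsplit(".", 1)[-1] in FREE_TLDS:
        reasons.append("free ccTLD")

    # 4) A banking login page served without TLS at all.
    if parts.scheme == "http":
        reasons.append("plain HTTP")
    return reasons


if __name__ == "__main__":
    for u in ("http://www-enpara-ramazankampanyasi-com-tr.ml/",
              "https://internetsubesi.qnbfinansbank.enpara.com/"):
        print(u, impersonation_reasons(u))
```

On the scanned URL all four checks fire: the brand term sits in a registrable domain the bank does not own, the first label is a real-looking hostname (www.enpara.com.tr) with its dots turned into hyphens so that the whole thing fits under a free .ml registration, and the login page is served over plain HTTP. On the bank's own asset host none of them fire.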

Domain & IP information

IP Address | AS (Autonomous System) | Requests
35.204.58.166 | 15169 (GOOGLE) | 18
62.108.64.90 | 8831 (FINANSBAN...) | 1
52.222.157.72 | 16509 (AMAZON-02) | 1
2a00:1450:400... | 15169 (GOOGLE) | 1
2a00:1450:400... | 15169 (GOOGLE) | 1
5 IPs, 22 requests

Domain | Requested by | Requests
www-enpara-ramazankampanyasi-com-tr.ml | www-enpara-ramazankampanyasi-com-tr.ml | 18
www.google-analytics.com (1 redirect) | www-enpara-ramazankampanyasi-com-tr.ml | 2
stats.g.doubleclick.net | www-enpara-ramazankampanyasi-com-tr.ml | 1
cdn.linearicons.com | www-enpara-ramazankampanyasi-com-tr.ml | 1
internetsubesi.qnbfinansbank.enpara.com | www-enpara-ramazankampanyasi-com-tr.ml | 1
5 domains, 22 requests

This site contains links to these domains: leadxen.com
Subject | Issuer | Validity | Valid for
internetsubesi.qnbfinansbank.enpara.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2018-01-30 - 2020-04-30 | 2 years
cdn.linearicons.com | Amazon | 2019-04-01 - 2020-05-01 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months

The phishing host itself has no certificate to list: all 18 requests to www-enpara-ramazankampanyasi-com-tr.ml were served over plain HTTP, and only the four third-party fetches above used TLS (hence the 18 % HTTPS figure in the page statistics).

This page contains 1 frames:

Primary Page: http://www-enpara-ramazankampanyasi-com-tr.ml/
Frame ID: B7D3CF7FFBB63E6910A8BEC5BFC410FE
Requests: 22 HTTP requests in this frame


Detected technologies

Nginx (overall confidence: 100%)
  • headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (overall confidence: 100%)
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (overall confidence: 100%)
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Select2 (overall confidence: 100%)
  • script /select2.*\.js/i

jQuery (overall confidence: 100%)
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /select2.*\.js/i

Bootstrap (overall confidence: 100%)
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
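Added example, not from the page: how a pattern table like the one above is actually applied to scan data. The rules are the ones listed above transcribed into Python regexes, plus one assumed rule for PHP so that the X-Powered-By header from the primary request yields a version. Headers, script URLs and globals are copied from the transactions in this scan; the two <link> tags are a constructed reconstruction, since the scan does not include the page source.

```python
import re

# Rule table in the style of the detection patterns listed above: technology -> {source: patterns}.
# The six technologies match the page's rules; the PHP rule is an added assumption.
RULES = {
    "Nginx":            {"headers": {"server": [r"nginx(?:/([\d.]+))?"]}},
    "PHP":              {"headers": {"x-powered-by": [r"php/?([\d.]+)?"]}},  # assumed rule
    "Font Awesome":     {"html": [r"<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css"]},
    "Google Analytics": {"script": [r"google-analytics\.com/(?:ga|urchin|(analytics))\.js"],
                         "env": [r"^gaGlobal$"]},
    "Select2":          {"script": [r"select2.*\.js"]},
    "jQuery":           {"script": [r"jquery(?:\-|\.)([\d.]*\d)[^/]*\.js", r"jquery.*\.js"],
                         "env": [r"^jQuery$"]},
    "Bootstrap":        {"html": [r'<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css'],
                         "script": [r"(?:twitter\.github\.com/bootstrap|bootstrap(?:\.js|\.min\.js))"]},
}
VERSION_RE = re.compile(r"[\d.]+")


def fingerprint(headers, html, scripts, js_globals):
    """Return {technology: version-or-None} for every rule that matches the page data."""
    found = {}

    def record(name, pattern, text):
        m = re.search(pattern, text, re.I)
        if not m:
            return
        # Only a digits-and-dots group counts as a version; the GA rule's group captures
        # the word 'analytics', which is a script name, not a version.
        version = next((g for g in m.groups() if g and VERSION_RE.fullmatch(g)), None)
        if name not in found or (version and not found[name]):
            found[name] = version

    lower_headers = {k.lower(): v for k, v in headers.items()}
    for name, rule in RULES.items():
        for header, patterns in rule.get("headers", {}).items():
            if header in lower_headers:
                for p in patterns:
                    record(name, p, lower_headers[header])
        for p in rule.get("html", []):
            record(name, p, html)
        for p in rule.get("script", []):
            for src in scripts:
                record(name, p, src)
        for p in rule.get("env", []):
            for g in js_globals:
                record(name, p, g)
    return found


# Constructed inputs: headers, script URLs and globals are taken from the transactions in this scan;
# the HTML fragment is a reconstruction (the scan does not show the page source).
SAMPLE_HEADERS = {"Server": "nginx", "X-Powered-By": "PHP/5.4.16 PleskLin", "Content-Type": "text/html"}
SAMPLE_HTML = (
    '<link rel="stylesheet" href="Themes/vendor/bootstrap/css/bootstrap.min.css">'
    '<link rel="stylesheet" href="Themes/fonts/font-awesome-4.7.0/css/font-awesome.min.css">'
)
SAMPLE_SCRIPTS = [
    "http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/jquery/jquery-3.2.1.min.js",
    "http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/js/bootstrap.min.js",
    "http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/select2/select2.min.js",
    "https://www.google-analytics.com/analytics.js",
]
SAMPLE_GLOBALS = ["$", "jQuery", "Popper", "ga", "gaGlobal", "gaData"]


def fingerprint_sample():
    return fingerprint(SAMPLE_HEADERS, SAMPLE_HTML, SAMPLE_SCRIPTS, SAMPLE_GLOBALS)


if __name__ == "__main__":
    for tech, ver in sorted(fingerprint_sample().items()):
        print(f"{tech}: {ver or 'version unknown'}")
```

The result pairs jQuery with 3.2.1 and PHP with 5.4.16 (a branch that reached end of life in 2015) and leaves the rest unversioned, which is exactly what the capture groups allow. The X-Powered-By: PHP/5.4.16 PleskLin header on the primary request is also a hosting fingerprint in its own right (a Plesk-managed Linux host with a stale PHP), which is useful when clustering kits across scans.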

Page Statistics

Requests: 22
HTTPS: 18 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 5
Transfer: 1153 kB
Size: 1174 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 20
  • http://www.google-analytics.com/r/collect?v=1&_v=j73&a=1776619305&t=pageview&_s=1&dl=http%3A%2F%2Fwww-enpara-ramazankampanyasi-com-tr.ml%2F&ul=en-us&de=UTF-8&dt=Enpara.com%20Internet%20Bankaciligi%20Giris&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=45635217&gjid=394680570&cid=1411360648.1557750073&tid=UA-71731539-1&_gid=690583583.1557750073&_r=1&z=1225580757 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1776619305&t=pageview&_s=1&dl=http%3A%2F%2Fwww-enpara-ramazankampanyasi-com-tr.ml%2F&ul=en-us&de=UTF-8&dt=Enpara.com%20Internet%20Bankaciligi%20Giris&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=45635217&gjid=394680570&cid=1411360648.1557750073&tid=UA-71731539-1&_gid=690583583.1557750073&_r=1&z=1225580757 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71731539-1&cid=1411360648.1557750073&jid=45635217&_gid=690583583.1557750073&gjid=394680570&_v=j73&z=1225580757

22 HTTP transactions

(Columns per transaction: Resource, Path, Size, x-fer, Type, MIME-Type)
Primary Request /
www-enpara-ramazankampanyasi-com-tr.ml/
5 KB
5 KB
Document
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PHP/5.4.16 PleskLin
Resource Hash
1644bddbc56361207f707177714ebe70597e09baee7b4a6f4a4884d9a81ef267

Request headers

Host
www-enpara-ramazankampanyasi-com-tr.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Mon, 13 May 2019 12:21:12 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.16 PleskLin
MS-Author-Via
DAV
bootstrap.min.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/css/
122 KB
122 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"598cab5c-1e822"
Last-Modified
Thu, 10 Aug 2017 18:52:12 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
124962
font-awesome.min.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/font-awesome-4.7.0/css/
30 KB
31 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"59244aaa-7918"
Last-Modified
Tue, 23 May 2017 14:43:54 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31000
icon-font.min.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/Linearicons-Free-v1.0.0/
7 KB
7 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/Linearicons-Free-v1.0.0/icon-font.min.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"5a1c2492-1cba"
Last-Modified
Mon, 27 Nov 2017 14:43:30 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7354
animate.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/animate/
23 KB
24 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/animate/animate.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"59a7deb2-5d28"
Last-Modified
Thu, 31 Aug 2017 10:02:26 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23848
hamburgers.min.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/css-hamburgers/
19 KB
19 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/css-hamburgers/hamburgers.min.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
3149a74d701ee7dd476f83694f8962062a456b5abbdea234101d30aff2738bcd

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"5994a0f0-4ce6"
Last-Modified
Wed, 16 Aug 2017 19:45:52 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19686
select2.min.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/select2/
15 KB
15 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/select2/select2.min.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"599dcef6-3b5c"
Last-Modified
Wed, 23 Aug 2017 18:52:38 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15196
util.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/
85 KB
85 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/util.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
27751cc48fb8c009d013ffb85f0f2b1db36530791eca74d317aec90d34f09b39

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"5a312090-1531e"
Last-Modified
Wed, 13 Dec 2017 12:44:00 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86814
main.css
www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/
11 KB
11 KB
Stylesheet
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/main.css
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
f62cb4f7ead6ce81ddb768ca2281bf86c033f45fc28da4b67ec6100c25c7778e

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"5cb32850-2b84"
Last-Modified
Sun, 14 Apr 2019 12:32:16 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11140
logo.png
internetsubesi.qnbfinansbank.enpara.com/Content/Images/
5 KB
5 KB
Image
General
Full URL
https://internetsubesi.qnbfinansbank.enpara.com/Content/Images/logo.png
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
62.108.64.90 Istanbul, Turkey, ASN8831 (FINANSBANK Inkilap Mahallesi Dr. Fazil Kucuk Cad., TR),
Reverse DNS
Software
/
Resource Hash
3c86ed1a776be1e6a46c9a1f4b520b63bb7b9b2303edeef665447a5f69d7e36d
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=3600
Cache-Control
public
Content-Type
image/png
X-Frame-Options
SAMEORIGIN
Date
Mon, 13 May 2019 12:21:12 GMT
Transfer-Encoding
chunked
Expires
Mon, 13 May 2019 14:21:13 GMT
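The request above is the phishing page hotlinking the bank's real logo from internetsubesi.qnbfinansbank.enpara.com, and the browser sends Referer: http://www-enpara-ramazankampanyasi-com-tr.ml/ along with it. That turns the bank's own access logs into a detection source. Added example (not from the report): parse combined-format log lines and flag fetches of watched assets whose Referer is a foreign origin. The log lines are constructed to mirror this transaction, not real bank logs, and the asset list and own-domain suffix are assumptions. (Note also the bank's Strict-Transport-Security max-age=3600: one hour, well short of the one-year minimum the HSTS preload list requires.)

```python
import re
from urllib.parse import urlsplit

# Combined log format: ip ident user [time] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Static assets that phishing kits hotlink instead of copying; the path is from the scan above.
WATCHED_PATHS = {"/Content/Images/logo.png"}
# Origins that may legitimately embed those assets (assumption: the bank's own hosts only).
OWN_DOMAIN = "enpara.com"


def own_host(host):
    return host == OWN_DOMAIN or host.endswith("." + OWN_DOMAIN)


def hotlinked_requests(log_lines):
    """Return the requests for watched assets whose Referer points at a foreign site."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; skip rather than guess
        if m["path"].split("?")[0] not in WATCHED_PATHS:
            continue
        ref = m["referer"]
        if ref in ("", "-"):
            continue  # no Referer: Referrer-Policy or a direct fetch; not evidence either way
        ref_host = (urlsplit(ref).hostname or "").lower()
        if ref_host and not own_host(ref_host):
            hits.append({"time": m["time"], "client": m["ip"],
                         "asset": m["path"], "referer_host": ref_host})
    return hits


# Constructed sample lines modelled on the logo.png request in this scan (not real bank logs).
SAMPLE_LOG = [
    '203.0.113.10 - - [13/May/2019:12:21:12 +0000] "GET /Content/Images/logo.png HTTP/1.1" 200 5120 '
    '"http://www-enpara-ramazankampanyasi-com-tr.ml/" "Mozilla/5.0"',
    '203.0.113.11 - - [13/May/2019:12:21:14 +0000] "GET /Content/Images/logo.png HTTP/1.1" 200 5120 '
    '"https://internetsubesi.qnbfinansbank.enpara.com/Login" "Mozilla/5.0"',
    '203.0.113.12 - - [13/May/2019:12:21:15 +0000] "GET /Content/Images/logo.png HTTP/1.1" 200 5120 '
    '"-" "Mozilla/5.0"',
    '203.0.113.13 - - [13/May/2019:12:21:16 +0000] "GET /Login HTTP/1.1" 200 9000 '
    '"http://www-enpara-ramazankampanyasi-com-tr.ml/" "Mozilla/5.0"',
]


if __name__ == "__main__":
    for hit in hotlinked_requests(SAMPLE_LOG):
        print(f"{hit['time']} {hit['client']} fetched {hit['asset']} from {hit['referer_host']}")
```

A missing Referer is ignored on purpose: Referrer-Policy or a direct fetch removes it, so its absence proves nothing, whereas a foreign Referer on a brand asset is a strong signal. Once a host is confirmed, nginx's valid_referers directive can serve it a warning image instead of the logo, but alert first so legitimate partner embeds are not broken.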
jquery-3.2.1.min.js
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/jquery/
85 KB
85 KB
Script
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/jquery/jquery-3.2.1.min.js
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"597b02c0-15283"
Last-Modified
Fri, 28 Jul 2017 09:24:16 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86659
popper.js
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/js/
80 KB
80 KB
Script
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/js/popper.js
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
a93f37c5c32d030a1d831b5023b6b29bc93290f5423debaf47c83b6444528059

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"59cbcad4-13f06"
Last-Modified
Wed, 27 Sep 2017 15:59:16 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81670
bootstrap.min.js
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/js/
50 KB
50 KB
Script
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"598cab2a-c7c7"
Last-Modified
Thu, 10 Aug 2017 18:51:22 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51143
select2.min.js
www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/select2/
65 KB
65 KB
Script
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/vendor/select2/select2.min.js
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"599dcf04-10468"
Last-Modified
Wed, 23 Aug 2017 18:52:52 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66664
main.js
www-enpara-ramazankampanyasi-com-tr.ml/Themes/js/
1 KB
2 KB
Script
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/js/main.js
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
a8e98b651f82ffb90e8c87af9e02bfd70e4c4c20869b58f0b172494316cfff39

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"5a3774a8-58c"
Last-Modified
Mon, 18 Dec 2017 07:56:24 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1420
img-01.png
www-enpara-ramazankampanyasi-com-tr.ml/Themes/images/
13 KB
13 KB
Image
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/images/img-01.png
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
3252defb25bd1d43565efaa5c99684e786d6ad47497dc34e81e8a44e03901c48

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"5cb2c9f2-346c"
Last-Modified
Sun, 14 Apr 2019 05:49:38 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13420
Raleway-SemiBold.ttf
www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/raleway/
176 KB
177 KB
Font
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/raleway/Raleway-SemiBold.ttf
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
b7680f30199f65ce3b2620713f7cb27a175560ea7402e0b4cba01c5d54508a17

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/main.css
Origin
http://www-enpara-ramazankampanyasi-com-tr.ml

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"50491ce0-2c10c"
Last-Modified
Thu, 06 Sep 2012 22:00:00 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180492
Linearicons-Free.woff2
cdn.linearicons.com/free/1.0.0/
21 KB
22 KB
Font
General
Full URL
https://cdn.linearicons.com/free/1.0.0/Linearicons-Free.woff2
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.72 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-72.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/Linearicons-Free-v1.0.0/icon-font.min.css
Origin
http://www-enpara-ramazankampanyasi-com-tr.ml

Response headers

date
Thu, 22 Sep 2016 19:35:10 GMT
via
1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jun 2015 09:10:36 GMT
server
AmazonS3
age
13919799
etag
"03e91f122aa5fd425abbe23c85546eb0"
access-control-allow-methods
GET
content-type
application/font-woff2
status
200
cache-control
max-age=31000000
x-cache
Hit from cloudfront
accept-ranges
bytes
access-control-allow-origin
*
content-length
21780
x-amz-cf-id
ufeKIajS9QUIAQVVnkQEet0mlT8D7PwQh6MW-Yhh0Ci3NxjH1QuUJg==
Raleway-Bold.ttf
www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/raleway/
175 KB
175 KB
Font
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/raleway/Raleway-Bold.ttf
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
ca9de8b3be7ccd4b80774a9c7dd56a98c49c276771c5957729b5958d1d579112

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/main.css
Origin
http://www-enpara-ramazankampanyasi-com-tr.ml

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"50491ce0-2bc2c"
Last-Modified
Thu, 06 Sep 2012 22:00:00 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
179244
Poppins-Regular.ttf
www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/poppins/
142 KB
142 KB
Font
General
Full URL
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/fonts/poppins/Poppins-Regular.ttf
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
HTTP/1.1
Server
35.204.58.166 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.58.204.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/Themes/css/main.css
Origin
http://www-enpara-ramazankampanyasi-com-tr.ml

Response headers

Date
Mon, 13 May 2019 12:21:13 GMT
ETag
"556e2760-237a0"
Last-Modified
Tue, 02 Jun 2015 22:00:00 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145312
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2922
date
Mon, 13 May 2019 11:32:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 13 May 2019 13:32:31 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j73&a=1776619305&t=pageview&_s=1&dl=http%3A%2F%2Fwww-enpara-ramazankampanyasi-com-tr.ml%2F&ul=en-us&de=UTF-8&dt=Enpara.com%20Internet%20Bankaciligi%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1776619305&t=pageview&_s=1&dl=http%3A%2F%2Fwww-enpara-ramazankampanyasi-com-tr.ml%2F&ul=en-us&de=UTF-8&dt=Enpara.com%20Internet%20Bankaciligi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71731539-1&cid=1411360648.1557750073&jid=45635217&_gid=690583583.1557750073&gjid=394680570&_v=j73&z=1225580757
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71731539-1&cid=1411360648.1557750073&jid=45635217&_gid=690583583.1557750073&gjid=394680570&_v=j73&z=1225580757
Requested by
Host: www-enpara-ramazankampanyasi-com-tr.ml
URL: http://www-enpara-ramazankampanyasi-com-tr.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www-enpara-ramazankampanyasi-com-tr.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 13 May 2019 12:21:13 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 May 2019 12:21:13 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-71731539-1&cid=1411360648.1557750073&jid=45635217&_gid=690583583.1557750073&gjid=394680570&_v=j73&z=1225580757
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Finansbank (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object   onselectstart
  • object   onselectionchange
  • function queueMicrotask
  • function $
  • function jQuery
  • function Popper
  • string   GoogleAnalyticsObject
  • function ga
  • object   google_tag_data
  • object   gaplugins
  • object   gaGlobal
  • object   gaData

3 Cookies

Domain/Path | Name | Value
.www-enpara-ramazankampanyasi-com-tr.ml/ | _gat | 1
.www-enpara-ramazankampanyasi-com-tr.ml/ | _gid | GA1.2.690583583.1557750073
.www-enpara-ramazankampanyasi-com-tr.ml/ | _ga | GA1.2.1411360648.1557750073

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.linearicons.com
internetsubesi.qnbfinansbank.enpara.com
stats.g.doubleclick.net
www-enpara-ramazankampanyasi-com-tr.ml
www.google-analytics.com
2a00:1450:4001:808::200e
2a00:1450:400c:c08::9d
35.204.58.166
52.222.157.72
62.108.64.90