eformlardaiadelerkayitliislemler.xyz
160.153.197.98  Malicious Activity! Public Scan

URL: http://eformlardaiadelerkayitliislemler.xyz/
Submission: On March 13 via manual from TR

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 160.153.197.98, located in Scottsdale, United States and belongs to GODADDY-AMS, DE. The main domain is eformlardaiadelerkayitliislemler.xyz.
This is the only time eformlardaiadelerkayitliislemler.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BDDK (Banking)

Domain & IP information

Requests  IP Address          AS     Autonomous System
2         160.153.197.98      21501  GODADDY-AMS
1         2a00:1450:400...    15169  GOOGLE
14        94.55.118.37        47524  TURKSAT-AS
1         2606:4700:303...    13335  CLOUDFLAR...
2         2a00:1450:400...    15169  GOOGLE
1         2606:4700:303...    13335  CLOUDFLAR...
2 (1 redirect)  31.3.2.119    21245  NETSA-AS
Total: 22 requests, 7 IPs
Requests  Domain                                 Requested by
14        static.turkiye.gov.tr                  eformlardaiadelerkayitliislemler.xyz
2 (1 redirect)  cdn.e-devlet.gov.tr              eformlardaiadelerkayitliislemler.xyz
2         www.google-analytics.com               www.googletagmanager.com, eformlardaiadelerkayitliislemler.xyz
2         eformlardaiadelerkayitliislemler.xyz   static.turkiye.gov.tr
1         i.hizliresim.com                       eformlardaiadelerkayitliislemler.xyz
1         bankaforex.com                         eformlardaiadelerkayitliislemler.xyz
1         www.googletagmanager.com               eformlardaiadelerkayitliislemler.xyz
Total: 22 requests, 7 domains

This site contains no links.

TLS certificates

Subject                   Issuer                          Validity                  Valid for
*.google-analytics.com    GTS CA 1O1                      2020-02-25 - 2020-05-19   3 months
*.turkiye.gov.tr          GlobalSign RSA OV SSL CA 2018   2020-01-17 - 2022-01-17   2 years
sni.cloudflaressl.com     CloudFlare Inc ECC CA-2         2019-07-29 - 2020-07-28   a year
*.google.com              GTS CA 1O1                      2020-02-25 - 2020-05-19   3 months
cdn.e-devlet.gov.tr       GlobalSign RSA OV SSL CA 2018   2020-02-28 - 2022-02-28   2 years
(certificate details via crt.sh)

This page contains 1 frames:

Primary Page: http://eformlardaiadelerkayitliislemler.xyz/
Frame ID: ED5E4B4BED54417DD2476CF287056689
Requests: 22 HTTP requests in this frame

Detected technologies

Apache (web server), overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics, overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests:    22
HTTPS:       91 %
IPv6:        57 %
Domains:     7
Subdomains:  7
IPs:         7
Countries:   3
Transfer:    610 kB
Size:        1374 kB
Cookies:     4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • http://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35 HTTP 301
  • https://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35

22 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
eformlardaiadelerkayitliislemler.xyz/
16 KB
5 KB
Document
General
Full URL
http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Server
160.153.197.98 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-197-98.ip.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
efdb915c7e03ab793aa3388f84f6812fe4d7fe57f1d2c0bc594ea5e70c820cbe

Request headers

Host
eformlardaiadelerkayitliislemler.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
4668
Keep-Alive
timeout=5
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153499133-1
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7e7929814a011405674bf781ed529d47bd4d0686a499f9adec1a72ff5a42c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 10:54:28 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28540
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Mar 2020 10:54:28 GMT
base.css
static.turkiye.gov.tr/themes/izmir/css/
119 KB
19 KB
Stylesheet
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/css/base.css
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
87bd33b385b326faf12e59f7d8313ba8d5eb028fc2287d6b2f34761394ee2397

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2020 11:41:02 GMT
Server
nginx
ETag
W/"5e68ce4e-1dc91"
Vary
Accept-Encoding, User-Agent
Content-Type
text/css
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
header.js
static.turkiye.gov.tr/themes/izmir/js/
10 KB
5 KB
Script
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/js/header.js
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
66e7a6ef595703bbf9cc5b83c7c1150626b7be54e731bb007e61d15623089d8a

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2020 11:40:44 GMT
Server
nginx
ETag
W/"5e68ce3c-2709"
Vary
Accept-Encoding, User-Agent
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
giris.css
static.turkiye.gov.tr/themes/izmir/css/
40 KB
7 KB
Stylesheet
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/css/giris.css
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
07f65ee2eb863888b16fcc0d582aa83be41f1441e71a8e8de75bb32a9a2748c7

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2020 11:41:04 GMT
Server
nginx
ETag
W/"5e68ce50-a195"
Vary
Accept-Encoding, User-Agent
Content-Type
text/css
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1.png
static.turkiye.gov.tr/themes/istanbul/images/agencies/
2 KB
2 KB
Image
General
Full URL
https://static.turkiye.gov.tr/themes/istanbul/images/agencies/1.png
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Sun, 10 Dec 2017 13:50:20 GMT
Server
nginx
ETag
"5a2d3b9c-73f"
Vary
Accept-Encoding, User-Agent
Content-Type
image/png
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
Expires
Thu, 31 Dec 2037 23:55:55 GMT
form-progress.svg
static.turkiye.gov.tr/themes/izmir/images/
1 KB
1 KB
Image
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/images/form-progress.svg
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Mon, 11 Dec 2017 14:11:06 GMT
Server
nginx
ETag
"5a2e91fa-42c"
Vary
Accept-Encoding, User-Agent
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1068
Expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
static.turkiye.gov.tr/themes/izmir/js/
662 KB
191 KB
Script
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/js/common.js
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
df1301d1bf246c1c86426713ab5e95c94112ab35a9aa833a30da6d835c528e8d

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2020 11:40:51 GMT
Server
nginx
ETag
W/"5e68ce43-a5623"
Vary
Accept-Encoding, User-Agent
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
giris.js
static.turkiye.gov.tr/themes/izmir/js/
30 KB
9 KB
Script
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/js/giris.js
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
ae70e04df3fbab25ec1d5db3961d5ae79a16c6cdc398fc0f94110dbe7c1d8ef2

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2020 11:40:51 GMT
Server
nginx
ETag
W/"5e68ce43-78e9"
Vary
Accept-Encoding, User-Agent
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jcryption.js
static.turkiye.gov.tr/themes/istanbul/javascript/
72 KB
19 KB
Script
General
Full URL
https://static.turkiye.gov.tr/themes/istanbul/javascript/jcryption.js
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
a35a423bb7df717794d8b791af03962cf38106dafbcbff01b5a98bf63e76e4ae

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Dec 2017 13:50:20 GMT
Server
nginx
ETag
W/"5a2d3b9c-12046"
Vary
Accept-Encoding, User-Agent
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kredi-karti-cvv-kodu-nedir-k-740x379.png
bankaforex.com/wp-content/uploads/2019/07/
165 KB
166 KB
Image
General
Full URL
https://bankaforex.com/wp-content/uploads/2019/07/kredi-karti-cvv-kodu-nedir-k-740x379.png
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:bb3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce694b346bb1b90e6c3fa3dee407df2914af4e091b4d8dc9de3419ddb71cec1

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 10:54:28 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 26 Jul 2019 09:10:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
573537954fd763f5-FRA
content-length
169462
expires
Fri, 20 Mar 2020 10:54:28 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153499133-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1257
date
Fri, 13 Mar 2020 10:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 13 Mar 2020 12:33:31 GMT
x0qT4T.png
i.hizliresim.com/
11 KB
11 KB
Image
General
Full URL
https://i.hizliresim.com/x0qT4T.png
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:8b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5058e14f07745c409f53d8c0e10dc9c17ccbf2e17f4da9268c98d832e07cce2

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 10:54:28 GMT
cf-cache-status
HIT
age
3567
status
200
x-amz-request-id
281AC5BFA7A4AAF7
x-amz-id-2
awC0sV4IDt3WmB8bZWil9NPzrCg8uhyIr8E/JtueuvZSb5Ex0EKSTSErVUKm21ycj31GiHWmv1Xf
last-modified
Mon, 09 Mar 2020 21:36:24 GMT
server
cloudflare
etag
W/"dbf34fae049bf6da9dea6b9f712eb849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
573537951c80c2a4-FRA
expires
Fri, 20 Mar 2020 09:55:01 GMT
auth-methods.2234.svg
static.turkiye.gov.tr/themes/izmir/images/
4 KB
5 KB
Image
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/images/auth-methods.2234.svg
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
27292f1f2138adbd114fa0463bec7cfcb3475c08477f79554da42d858be68d70

Request headers

Referer
https://static.turkiye.gov.tr/themes/izmir/css/giris.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Fri, 05 Jan 2018 11:42:29 GMT
Server
nginx
ETag
"5a4f64a5-1125"
Vary
Accept-Encoding, User-Agent
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4389
Expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-regular-webfont.2234.woff
static.turkiye.gov.tr/themes/izmir/fonts/
18 KB
19 KB
Font
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/fonts/opensans-regular-webfont.2234.woff
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
cae23238919c18fd4c10019616ab3ac444bf3794502cdd1d73934ad34b199968

Request headers

Referer
https://static.turkiye.gov.tr/themes/izmir/css/base.css
Origin
http://eformlardaiadelerkayitliislemler.xyz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Mon, 11 Dec 2017 08:25:33 GMT
Server
nginx
ETag
"5a2e40fd-48f0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18672
Expires
Thu, 31 Dec 2037 23:55:55 GMT
button-right.2234.svg
static.turkiye.gov.tr/themes/izmir/images/
448 B
815 B
Image
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/images/button-right.2234.svg
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
14e8e481e7afcaae3200f172bd49bf7146ea2a23d3fdf0ba71d5fdbbd0c8c5a4

Request headers

Referer
https://static.turkiye.gov.tr/themes/izmir/css/giris.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Mon, 11 Dec 2017 14:11:06 GMT
Server
nginx
ETag
"5a2e91fa-1c0"
Vary
Accept-Encoding, User-Agent
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
Expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-bold-webfont.2234.woff
static.turkiye.gov.tr/themes/izmir/fonts/
19 KB
19 KB
Font
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/fonts/opensans-bold-webfont.2234.woff
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
bdbfa401872e5613f98becc33bb182901f0106ae91c9a6547c8b9c928faaba5a

Request headers

Referer
https://static.turkiye.gov.tr/themes/izmir/css/base.css
Origin
http://eformlardaiadelerkayitliislemler.xyz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Mon, 11 Dec 2017 08:25:33 GMT
Server
nginx
ETag
"5a2e40fd-4a18"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18968
Expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-light-webfont.2234.woff
static.turkiye.gov.tr/themes/izmir/fonts/
18 KB
18 KB
Font
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/fonts/opensans-light-webfont.2234.woff
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
3aad39d766b468cdada18b6eb1cd786b45605a357e6f830e78e08ae73b9a05b9

Request headers

Referer
https://static.turkiye.gov.tr/themes/izmir/css/base.css
Origin
http://eformlardaiadelerkayitliislemler.xyz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Mon, 11 Dec 2017 08:25:33 GMT
Server
nginx
ETag
"5a2e40fd-4840"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18496
Expires
Thu, 31 Dec 2037 23:55:55 GMT
edk.2234.2234.woff
static.turkiye.gov.tr/themes/izmir/fonts/
40 KB
40 KB
Font
General
Full URL
https://static.turkiye.gov.tr/themes/izmir/fonts/edk.2234.2234.woff
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
94.55.118.37 , Turkey, ASN47524 (TURKSAT-AS, TR),
Reverse DNS
static.turkiye.gov.tr
Software
nginx /
Resource Hash
de5bb18204c7d78e9e6ea66268e42fa25d09ee7e4bafa91746396f5c5aefcead

Request headers

Referer
https://static.turkiye.gov.tr/themes/izmir/css/base.css
Origin
http://eformlardaiadelerkayitliislemler.xyz
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Last-Modified
Wed, 11 Mar 2020 11:40:48 GMT
Server
nginx
ETag
"5e68ce40-9e54"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40532
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2030569775&t=pageview&_s=1&dl=http%3A%2F%2Feformlardaiadelerkayitliislemler.xyz%2F&ul=en-us&de=UTF-8&dt=e-Devlet%20%C4%B0ade%20Kap%C4%B1s%C4%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1882232694&gjid=1999597563&cid=1575068163.1584096869&tid=UA-153499133-1&_gid=1022369233.1584096869&_r=1&gtm=2ou340&z=1950723517
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 10:54:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
CryptoServlet
eformlardaiadelerkayitliislemler.xyz/
330 B
522 B
XHR
General
Full URL
http://eformlardaiadelerkayitliislemler.xyz/CryptoServlet?generateKeyPair=true
Requested by
Host: static.turkiye.gov.tr
URL: https://static.turkiye.gov.tr/themes/izmir/js/common.js
Protocol
HTTP/1.1
Server
160.153.197.98 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-197-98.ip.secureserver.net
Software
Apache /
Resource Hash
e04f1c312cde2f50e704203cdfe792746e4f14beed0c68a6fc577660f88ea09c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://eformlardaiadelerkayitliislemler.xyz/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 10:54:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
330
Content-Type
text/html; charset=iso-8859-1
bb-ubak-tsat-black.png
cdn.e-devlet.gov.tr/themes/izmir/images/
Redirect Chain
  • http://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
  • https://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
26 KB
27 KB
Image
General
Full URL
https://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
Requested by
Host: eformlardaiadelerkayitliislemler.xyz
URL: http://eformlardaiadelerkayitliislemler.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.3.2.119 , Turkey, ASN21245 (NETSA-AS, TR),
Reverse DNS
Software
MNCDN-2142 /
Resource Hash
caa20c8ed80b0ac3514c943e4ec51d61bb3a1900e0f611f2cd000c2b64dfa286

Request headers

Referer
http://eformlardaiadelerkayitliislemler.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Mar 2020 10:54:29 GMT
content-encoding
gzip
server
MNCDN-2142
x-edge-location
DE-372
x-cache-status
Edge : HIT,
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, User-Agent
content-type
image/png
status
200
cache-control
max-age=31536000
x-mserver
2200
expires
Sat, 13 Mar 2021 10:54:29 GMT

Redirect headers

Date
Fri, 13 Mar 2020 10:54:29 GMT
Server
MNCDN-2148
x-edge-location
DE-372
X-Cache-Status
Edge : ,
Content-Type
text/html
Location
https://cdn.e-devlet.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
Connection
keep-alive
Content-Length
170

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDDK (Banking)

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| html5 object| Modernizr object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| LanguageFetcher function| loadTextTrack function| parseSRT object| textTrack object| textTrackCounter object| currentText undefined| viewMode undefined| textMode string| staticServer string| ajaxServer function| toggleText function| toggleSize function| add_printable_footer object| os function| fix_colour_dots_on_firefox object| locales object| datePickerController function| DeepLinker function| open_accessibility_menu function| close_accessibility_menu function| is_accessibility_menu_open function| toggle_accessibility_menu function| open_user_menu function| close_user_menu function| is_user_menu_open function| toggle_user_menu function| $ function| jQuery function| FastClick function| moment function| RateYo function| Cookies function| timecode_min function| timecode_max function| tcsecs function| tmpl function| Marquee function| analytics function| Sifter object| MicroPlugin function| Selectize object| is function| initializeHelpers number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger undefined| maxDigits undefined| ZERO_ARRAY undefined| bigZero undefined| bigOne number| dpl10 object| highBitMasks object| hexatrigesimalToChar object| hexToChar object| lowBitMasks function| setMaxDigits function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr function| biToString function| biToDecimal function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| 
arrayCopy function| biShiftLeft function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod object| Aes object| Base64 object| Utf8 number| charSize string| b64pad number| hexCase function| Int_64 function| str2binb function| hex2binb function| binb2hex function| binb2b64 function| rotl_32 function| rotr_32 function| rotr_64 function| shr_32 function| shr_64 function| parity_32 function| ch_32 function| ch_64 function| maj_32 function| maj_64 function| sigma0_32 function| sigma0_64 function| sigma1_32 function| sigma1_64 function| gamma0_32 function| gamma0_64 function| gamma1_32 function| gamma1_64 function| safeAdd_32_2 function| safeAdd_32_4 function| safeAdd_32_5 function| safeAdd_64_2 function| safeAdd_64_4 function| safeAdd_64_5 function| coreSHA1 function| coreSHA2 function| jsSHA

4 Cookies

Domain/Path                              Name                       Value
eformlardaiadelerkayitliislemler.xyz/    top-menu-state             closed
.eformlardaiadelerkayitliislemler.xyz/   _gat_gtag_UA_153499133_1   1
.eformlardaiadelerkayitliislemler.xyz/   _gid                       GA1.2.1022369233.1584096869
.eformlardaiadelerkayitliislemler.xyz/   _ga                        GA1.2.1575068163.1584096869

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
