cepte.ak-basvurumerkezi.com Open in urlscan Pro
2606:4700:3032::ac43:a1ab Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cepte.ak-basvurumerkezi.com/
Submission: On May 30 via api (May 30th 2024, 11:25:16 pm UTC) from TR — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3032::ac43:a1ab, located in United States and belongs to CLOUDFLARENET, US. The main domain is cepte.ak-basvurumerkezi.com.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2024. Valid for: 3 months.

This is the only time cepte.ak-basvurumerkezi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AKBank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3032::ac43:a1ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2a01:4f8:c012... 2a01:4f8:c012:cb50::1	24940 (HETZNER-AS) (HETZNER-AS)
1 8	172.67.161.171 172.67.161.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	4

4 2606:4700:3032::ac43:a1ab (United States)

ASN13335 (CLOUDFLARENET, US)

cepte.ak-basvurumerkezi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:c012:cb50::1 (Germany)

ASN24940 (HETZNER-AS, DE)

api.pirsch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.161.171 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cepte.ak-basvurumerkezi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ak-basvurumerkezi.com 1 redirects cepte.ak-basvurumerkezi.com	286 KB
2	pirsch.io api.pirsch.io — Cisco Umbrella Rank: 111213	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	31 KB
14	3

	Domain	Requested by
12	cepte.ak-basvurumerkezi.com	1 redirects cepte.ak-basvurumerkezi.com
2	api.pirsch.io	cepte.ak-basvurumerkezi.com api.pirsch.io
1	code.jquery.com	cepte.ak-basvurumerkezi.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
ak-basvurumerkezi.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.pirsch.io R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cepte.ak-basvurumerkezi.com/
Frame ID: D1630F96DE5603C0A64D3C5399DC7365
Requests: 12 HTTP requests in this frame

Frame: https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 1D7CDA3C89360AB43189D3389C9ABBB7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Akbank Mobil - Hoşçakalın!

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

320 kB
Transfer

1032 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cepte.ak-basvurumerkezi.com/ 29 KB
5 KB 100ms
60ms Document
text/html 2606:4700:3032::ac43:a1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce241094b84e99359cfd8f3a02aeaf6f3a7cc1133237b40d79b8842d0f8be80a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88c27b64f9ce4d91-FRA
content-encoding: br
content-type: text/html
date: Thu, 30 May 2024 23:25:11 GMT
last-modified: Mon, 27 May 2024 13:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=adLyTcmqzgUhYrPCgMW71o5fzZEgW38eAg7k89d5sR5EpKNHuhBvOoFBStwwIdYZB7Bddc6nYPLXJZB%2FLldCxkLGw1VqMTkoNoP9aA1LqipB0aGK%2Ff0e4MtSNl6K6RTJ%2FFhdXOClLwreDxlC1Am8yJp%2FeMjaBdq%2BwJg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 core.css
cepte.ak-basvurumerkezi.com/ 553 KB
63 KB 81ms
79ms Stylesheet
text/css 2606:4700:3032::ac43:a1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/core.css
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c9f52d4f036409fe38e10e15610cef5111e930b34674c31a752d6dcdc34a3f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 13:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665490ac-8a34a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yiy%2Bnkm5%2BfEGAVRUddSFnhLNHaXi2TbWlu7vOMXRiyRw9XPSDWQIw%2B59NPMelxN%2FdprhdafuavXOfhV85kOd9YsszMe0b4oAVBQIt%2FfbL8XcZyoB37%2B9aNvE1CJR3xZ3m64u8oOAArBqJH9pi1aq%2FD0pk%2FTCbj%2BhbrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88c27b656a254d91-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
cepte.ak-basvurumerkezi.com/ 154 KB
22 KB 60ms
59ms Stylesheet
text/css 2606:4700:3032::ac43:a1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/main.css
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 154c9d6435e74eb37dbe0507d82e21fab233fd8e0d37f190da99fc5e98fdae87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 13:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665490ad-266a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXQPce57K%2FbTRn6MFruiJXG7nxcEQwEU2uWhm%2Fxq0aAoYDiGw3vZ96oRwf6qVSdEnrNo1gNmiwI25NZvzhT4YvMjE3DoTlQjxVj37jqH5aASV2PWLNw%2B2XIGGcBdnCPwjcFeK%2Bn113Mh7f2KZDeNS57KBrbUKd%2BBuHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88c27b656a274d91-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 34ms
6ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 22309313
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-fra-etou8220131-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717111512.930359,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 133, 34664

GET
H2 200 pa.js Show response
api.pirsch.io/ 10 KB
3 KB 43ms
9ms Script
text/javascript 2a01:4f8:c012:cb50::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pirsch.io/pa.js
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:c012:cb50::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Caddy /
Resource Hash: 81fecb72264213a39ca7c36d1763468f4a9604b3c52a923262e8e281582717e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
content-encoding: gzip
last-modified: Mon, 27 May 2024 09:21:59 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-Width, Sec-CH-Viewport-Width
server: Caddy
vary: Origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000

GET
H2 200 standart_logo.svg
cepte.ak-basvurumerkezi.com/ 2 KB
1 KB 64ms
63ms Image
image/svg+xml 2606:4700:3032::ac43:a1ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cepte.ak-basvurumerkezi.com/standart_logo.svg
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a1ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 988fdb5c83c68e79b83feb2df8fe1c479e81ad461c748a62b07f9cf978cbd884

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 13:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665490ad-77f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfOr7bsb3DeoCZuoFIS73kXZ17PtsEVk70rkOtqaxo6LnTuIL6704gkBmTJr8hsksLea9MolM1N9V6%2B5oot1yIP4wpdN3TL4L%2BT2qiqfoCiNFzrwrq1WTnjL3qUNeFvk%2Fd37UXhMxrP9KwJKsAkDazh0v%2BF3cyRbkxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88c27b656a2a4d91-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 sprite-icons-46d76763.svg
cepte.ak-basvurumerkezi.com/images/icons/sprite-icons/ 808 B
808 B 75ms
74ms Image
text/html 172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cepte.ak-basvurumerkezi.com/images/icons/sprite-icons/sprite-icons-46d76763.svg
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/core.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/core.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 15:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWoNt0%2F00uB1crSqnrMMUqorrsYdngjn6zNqEf4q%2FCJqK2QqrLfe7r0kDaPt41G6gcpMEGgM1nlug9dQGh75scRLT4WK31kV6jnsQqdFOm4byEQy1%2FskkUCd5YwGLHamg08MJKWD21whR%2FJmWNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 88c27b665a0f5d86-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 OpenSans-Regular.woff
cepte.ak-basvurumerkezi.com/ 62 KB
63 KB 69ms
68ms Font
font/woff 172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/OpenSans-Regular.woff
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/main.css
Origin: https://cepte.ak-basvurumerkezi.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 13:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665490ad-f8e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM%2BM8bwnK5PWA1iv1EM7zyhFpq19EAiWDQvXGLaUhFnyuCXqlFg3g%2B0lZIFGrfVaSHq%2BeHSwgO1SO%2BXobzs4OFgd1PgTrStDRLrAfV2eaN75l3TXP8o4qoX0esngxvK5CeNAMKy6yezSzREQ3C0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c27b666a185d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63712

GET
H3 200 OpenSans-Semibold.woff
cepte.ak-basvurumerkezi.com/ 63 KB
63 KB 63ms
62ms Font
font/woff 172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/OpenSans-Semibold.woff
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f0887372375924df3b85539fcef9e754c10b86eacc70addf61e00f6b50f37e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/main.css
Origin: https://cepte.ak-basvurumerkezi.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 13:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665490ad-fb84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SCWF4KTf%2FHG56DGPszSHDdof1%2FG1iCFgecp3UFrDU%2BC2B4HhjN%2BpOLSFxV7pwFZFrPVaPH02H7t7oIHCYXhaGwh9SNP5SLCalHIfgA3mxXErksRx8BDY5HxUKqgNHmcDMcRAWRrgvQcURbdokI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c27b666a1a5d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 64388

GET
H3 200 OpenSans-Light.woff
cepte.ak-basvurumerkezi.com/ 61 KB
62 KB 70ms
69ms Font
font/woff 172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/OpenSans-Light.woff
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8560f9bdddaa5e89f2d1d1403681932c574de5377c6d0dd5c1aa408c91a3e979

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/main.css
Origin: https://cepte.ak-basvurumerkezi.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 27 May 2024 13:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "665490ad-f57c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6BmCzrXclrhppZylSca3crOlevsB7T10aQb%2FBrDL0JTaTcstgFkPM9e5FJAIMg1tqWO0RHkjgAS9TXpq8l8kd2LfkkeLaIshwX0sMBQHP1McBlYle0l%2FQHulFoWVI8cTXmMcw2yOTM%2B11yDtaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c27b666a1b5d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62844

GET
H2 400 hit Show response
api.pirsch.io/ 240 B
379 B 422ms
105ms XHR
text/plain 2a01:4f8:c012:cb50::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pirsch.io/hit?nc=1717111512064&code=vn5CA22wtYL3RGY0TRkGeFXIgx2mwJQf&url=https%3A%2F%2Fcepte.ak-basvurumerkezi.com%2F&t=Akbank%20Mobil%20-%20Ho%C5%9F%C3%A7akal%C4%B1n!&ref=&w=1600&h=1200
Requested by: Host: api.pirsch.io
URL: https://api.pirsch.io/pa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:c012:cb50::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Caddy /
Resource Hash: a1883c22a01ad920486326edba93b1bef464ad241e709739e74967a7fa4886b2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
server: Caddy
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000
content-length: 240

GET
H3

200

main.js Show response
cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame 1D7C
Redirect Chain

https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

15ms
15ms

Script
application/javascript

172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Requested by

Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/

Protocol

Server

172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5f9bc4332befa5621faa742bef827cea231b83461f3422c7897ac82a13235b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkSlTMzo2KahOe3Bn%2BPuehG7hdg2bWy3HpGj9RAn6Wp2MaFYLc6zKbwwJZigRrqo%2BznBPZuPedteJsiDr6%2BYrNH6oYvgLCVf9HiTyueVRylDPIHgyYKsSyfDIgUk6pZ7VWtKWXacR1set%2FwQ2TE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88c27b668a305d86-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 30 May 2024 23:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaaGlNhRctM8v1yfGR9LBc7Ltdj%2BqkR24RUfdveifY8Mc8%2FXWitZXvv4NW69W3N5BpYH5vOC1pgNwU6tcg02RkHKkTAyUz%2BkVETezK9rpM3p9ehNMHBpZ13R0A65QFkXJ43O1p%2F8q71%2FmR4cpo0%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 88c27b667a215d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 88c27b64f9ce4d91 Show response
cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1D7C 0
607 B 38ms
38ms XHR
text/plain 172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/h/g/jsd/r/88c27b64f9ce4d91
Requested by: Host: cepte.ak-basvurumerkezi.com
URL: https://cepte.ak-basvurumerkezi.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlbv4bufGwN0rB3VdiRZPeLLTqcRjmLPfQb2oIfmQMCHctHTW%2F0NFU6AWPkytbjvzwej9KUH5BJwryVXTAVPCS2YY0WgR1EMBhVTsoFX32XQEy8UFeAuM6l2x8CWSiaaziw084VWOeE1wlTBFFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88c27b676a9c5d86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 404 favicon.ico
cepte.ak-basvurumerkezi.com/ 808 B
860 B 70ms
69ms Other
text/html 172.67.161.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cepte.ak-basvurumerkezi.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cepte.ak-basvurumerkezi.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 23:25:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 15:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XWEd7bYwFEfshTUZQhTQo5A4nSw6yDVc7PPf2snReiGVWazCrsOHJzxvmsoFJl51bFjw8DhHgh076r%2FA0vqSTiQDGBSGt1iyNKdOWxmNTTexpX53nldH8y8EMjOhAyiZHwmGyqCcJRMdW08ryk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 88c27b678aa75d86-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AKBank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ak-basvurumerkezi.com/	1970-01-21 05:44:07	Name: cf_clearance Value: q0poNKSNffPqUTbQV4_ol3lDlJEEGkNuei6bvfXH3RQ-1717111512-1.0.1.1-.KSMDkxtUAqIEB32i4i0dAu_BhrtyZ.YGri.z4piViEQbYuzv1gfJwrHz657uh7HM8kkFsj5.gfE8jtvTUSGIA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://cepte.ak-basvurumerkezi.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://cepte.ak-basvurumerkezi.com/images/icons/sprite-icons/sprite-icons-46d76763.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cepte.ak-basvurumerkezi.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.pirsch.io/hit?nc=1717111512064&code=vn5CA22wtYL3RGY0TRkGeFXIgx2mwJQf&url=https%3A%2F%2Fcepte.ak-basvurumerkezi.com%2F&t=Akbank%20Mobil%20-%20Ho%C5%9F%C3%A7akal%C4%B1n!&ref=&w=1600&h=1200 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pirsch.io
cepte.ak-basvurumerkezi.com
code.jquery.com
172.67.161.171
2606:4700:3032::ac43:a1ab
2a01:4f8:c012:cb50::1
2a04:4e42:400::649
154c9d6435e74eb37dbe0507d82e21fab233fd8e0d37f190da99fc5e98fdae87
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
81fecb72264213a39ca7c36d1763468f4a9604b3c52a923262e8e281582717e6
8560f9bdddaa5e89f2d1d1403681932c574de5377c6d0dd5c1aa408c91a3e979
988fdb5c83c68e79b83feb2df8fe1c479e81ad461c748a62b07f9cf978cbd884
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1883c22a01ad920486326edba93b1bef464ad241e709739e74967a7fa4886b2
b3f0887372375924df3b85539fcef9e754c10b86eacc70addf61e00f6b50f37e
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c5f9bc4332befa5621faa742bef827cea231b83461f3422c7897ac82a13235b3
ce241094b84e99359cfd8f3a02aeaf6f3a7cc1133237b40d79b8842d0f8be80a
d2c9f52d4f036409fe38e10e15610cef5111e930b34674c31a752d6dcdc34a3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cepte.ak-basvurumerkezi.com Open in urlscan Pro 2606:4700:3032::ac43:a1ab Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

75 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

320 kBTransfer

1032 kBSize

1 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

cepte.ak-basvurumerkezi.com Open in urlscan Pro
2606:4700:3032::ac43:a1ab Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

75 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

320 kB
Transfer

1032 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!