emeklibasvurum.com Open in urlscan Pro
2606:4700:3034::6815:688 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://emeklibasvurum.com/
Submission: On September 07 via api (September 7th 2024, 11:21:07 am UTC) from TR — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3034::6815:688, located in United States and belongs to CLOUDFLARENET, US. The main domain is emeklibasvurum.com.
TLS certificate: Issued by WE1 on September 6th 2024. Valid for: 3 months.

This is the only time emeklibasvurum.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::6815:688	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
13	2

12 2606:4700:3034::6815:688 (United States)

ASN13335 (CLOUDFLARENET, US)

emeklibasvurum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	emeklibasvurum.com emeklibasvurum.com	414 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	31 KB
13	2

	Domain	Requested by
12	emeklibasvurum.com	emeklibasvurum.com
1	code.jquery.com	emeklibasvurum.com
13	2

This site contains no links.

Subject Issuer	Validity	Valid
emeklibasvurum.com WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://emeklibasvurum.com/
Frame ID: F97E858C9F71C314B8A1DC01F218DD50
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hoş Geldiniz | Ziraat Bankası İnternet Bankacılığı

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

444 kB
Transfer

1334 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response emeklibasvurum.com/	88 KB 8 KB	426ms 315ms	Document text/html	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `678c04c996cbb569da0fc66d5801d09eb24c1c4389b8f3230e9b7b920f0a3035` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8bf65018a859aab4-YYZ content-encoding br content-type text/html; charset=UTF-8 date Sat, 07 Sep 2024 11:21:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7pqng1l3ZbNqwM12D6UVi7D8dumiIli0lPB%2FM1fO4k9CUScwW9oq1pvrYi%2BDSsalS9zfBO2DDBjqJReEqk4Du%2FLCFCfl2KHgY%2BC1yFkIJQcHgm04jukt%2FyDNAuo3KKCb%2BzTjQvGoatM8Y5HhBArAB4c%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	plugins.min.css emeklibasvurum.com/Content/assets/bundle/css/	341 KB 54 KB	518ms 517ms	Stylesheet text/css	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/Content/assets/bundle/css/plugins.min.css Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee81740f6cc74f3e18b1a459058b371b76febbc1ae8b6365783f17a046212719` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"555ae-666642f2-e1c45;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnJCjmCbw%2B%2FZqhqt%2BrVGDvSDqxXFNnSVU2%2B2UMzl%2B%2Fs2BT6AWLNSK671yMjR5cFIj42e9l1F%2FicL87m9xENpgRxYf5%2BA6ZD2kvpmtMCa3CH%2FUrIscC%2BS4Zog9u8%2Fb3%2BMu4yqb1VHikM9jO8sVR3Xhnc%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8bf6501ab9d8aab4-YYZ alt-svc h3=":443"; ma=86400 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	sub.min.css emeklibasvurum.com/Content/assets/bundle/css/	541 KB 71 KB	496ms 495ms	Stylesheet text/css	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `50b033e053c9707c86314ed31c05d31fd1768ede279d4b676de687d6b19ca122` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT content-encoding br cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"8753c-666642f2-e1c44;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oo7XE5jZ5hM18IQo%2FI5eym%2BdUQn7Vr3bh2ZD8VJLpJxG5KawRYuitILAHvn6l61fT552GRqiYcV4O7Xb4lTZOnlTozWpgiLDDaL2WohqiuBlLQW2jT2sScq3M2pidsjJzGdfDxBELFoJvGKlQSPD0ew%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8bf6501ab9daaab4-YYZ alt-svc h3=":443"; ma=86400 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	phone.png emeklibasvurum.com/Content/assets/img/	8 KB 9 KB	317ms 317ms	Image image/png	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://emeklibasvurum.com/Content/assets/img/phone.png Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "20ba-666642f2-e1c4a;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44BIk%2FkETRpp%2FEwXE4oQ0GPv9XjT%2BHBiTzglEYwukIeP6ltLVJ6gH%2BN5qwKTXAlPl1pNTIzhPJ%2B8L2fzUh%2B9bOgzlVgATbdQA3huU1irnieW991%2BgSp6CsZNBUgaxfioc26KMo%2FT9jlx3YOSMWu%2FNYA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501ab9ddaab4-YYZ alt-svc h3=":443"; ma=86400 content-length 8378 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	phone.png emeklibasvurum.com/Content/assets/img/login/	10 KB 10 KB	310ms 309ms	Image image/png	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://emeklibasvurum.com/Content/assets/img/login/phone.png Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2637-666642f2-e1c48;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBX%2FGHJ4zuAH5R1Yxp7IdLTGNPXdF3MlR441V0ph8mRjoV9u4tBHvI7Dgp%2B%2BpsYZehaD5ZVje4vCz8qJR%2BbNBVkhdUHV%2FMW9VKcCgSLYW7huVHXwgPYBCK0F84XqaOgk2Gf5DIOdVwD9snimZIubN7c%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501ab9e0aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 9783 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	comodo-logo.png emeklibasvurum.com/Content/assets/img/	6 KB 7 KB	310ms 309ms	Image image/png	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://emeklibasvurum.com/Content/assets/img/comodo-logo.png Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1897-666642f2-e1c49;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jc6Ll2yONo7RaizrWK6zPdoHIofP2EfdF1eW1qZ68J9m3nLeNlC7HpFi3ZPsL2T%2B9U5F2N3eeuWyyb1HtUViphYRlvAMcgJnxEXb0HOSyw%2Bmp7x7qwupPZqfa%2FJFd7cOF%2FwgJJ3mDFbvqJYz2DSIE70%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501b0a35aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 6295 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H2	200	jquery-3.6.4.min.js Show response code.jquery.com/	88 KB 31 KB	140ms 23ms	Script application/javascript	2a04:4e42:600::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.4.min.js Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 961557 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 31011 x-served-by cache-lga21953-LGA, cache-yyz4550-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1725708062.039381,VS0,VE0 etag W/"28feccc0-15ec3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 34423, 6166
GET H3	404	script.js emeklibasvurum.com/client-side/	0 0	324ms 321ms	Script text/html	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/client-side/script.js?v=1 Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 07 Sep 2024 11:21:02 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb7Rf9EYzqpi3kwO9tuyBU22PRzNZ%2BSSjLPK8YfTz0TRMTIQphHTs8uxqMU0bF3uZHvT9I0plkdUmv%2BijKpZTrgODVBDnQ7LrIwiIQsM2EGdypgWGG3hQjDBdQd78q7BXhimHLm0XnvEusPlrdCWqpc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control private, no-cache, max-age=0 cf-ray 8bf6501b0a34aab4-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	login-bg.jpg emeklibasvurum.com/Content/assets/img/	104 KB 105 KB	513ms 513ms	Image image/jpeg	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://emeklibasvurum.com/Content/assets/img/login-bg.jpg?v=20181004 Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82` Request headers Referer https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1a0dd-666642f2-e1c4d;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9geN3RxQQjZ9MjfVJA6u4ANNJtLpfBEyGijEk%2Bj0Nw3F0x8OEKTts35FPFDBk%2FlvRTzpXiKhtGPTL9AoWf%2FznXOEQzn2FgNsBqCCyW8SZYDKEXveNv0UdFNg892U95fO7A7rd9DHMZUL0R%2FnUefIlcg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501e6c69aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 106717 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	BB78E1BCF28E9E4CC.woff2 emeklibasvurum.com/Content/assets/css/webfonts/new/	13 KB 14 KB	310ms 309ms	Font font/woff2	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2 Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544` Request headers Referer https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Origin https://emeklibasvurum.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "349c-666642f2-e1c56;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=re6Tth1CX%2Fn7ryB3BhNDmv9I7zID2lcDMzITYOu9hqdtajSnpDZthBk3OX3ww743NlWf4VmybU6VV0qzpSR3M%2BJ7i7tytgchCsCAXPIR41PRkyQ4q1VcDRm7ISVYDOxl3TK04KYTa79BnJmKCN5YKgE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501e9c90aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 13468 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	icomoon.woff2 emeklibasvurum.com/Content/assets/css/fonts/	98 KB 98 KB	505ms 505ms	Font font/woff2	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/Content/assets/css/fonts/icomoon.woff2 Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4eb0a95d46a2a21d2a033af489807a56e8669c172839474ed2ab8865ee40994f` Request headers Referer https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Origin https://emeklibasvurum.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "186a0-666642f2-e1c52;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZ6tYTHkdOR8Lb9Fnh6sKAVph8Etm94%2B4Sc1U7Y7pITpMNGx8O3zhx1ST6KRMz0kvAkQM4URRFXjXZ50%2BhXVDvITlaZ0XCfBHg%2BqdQUq%2FQwAN5%2Fd%2F2Z1rK0KYIMXm5etiKOdr%2Bf1%2FMzT6YFOmvxHmqY%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501e9c91aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 100000 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	D40DF048D299CA4DD.woff2 emeklibasvurum.com/Content/assets/css/webfonts/new/	13 KB 14 KB	308ms 307ms	Font font/woff2	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2 Requested by Host: emeklibasvurum.com URL: https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472` Request headers Referer https://emeklibasvurum.com/Content/assets/bundle/css/sub.min.css Origin https://emeklibasvurum.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:02 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "34a4-666642f2-e1c57;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0Mw%2F2pbZE%2BKG6jbNlfR%2BgtvXt6eN6%2FmV%2Bo4IWMjLhOYj3%2BhCB0alzYXrSCygUtq8j1LPE3fv3rW3krIng%2FDPvqolTNE9LmaPsGvZfwIINDSsv1EQarLhu3QZckys0hIuP%2BInUojB024tT2nBaSVKGE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf6501e9c92aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 13476 expires Sat, 14 Sep 2024 11:21:02 GMT
GET H3	200	touch_icon.png emeklibasvurum.com/Content/assets/img/	24 KB 25 KB	400ms 400ms	Other image/png	2606:4700:3034::6815:688 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://emeklibasvurum.com/Content/assets/img/touch_icon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:688 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166` Request headers Referer https://emeklibasvurum.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 07 Sep 2024 11:21:03 GMT cf-cache-status MISS last-modified Mon, 10 Jun 2024 00:04:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6066-666642f2-e1c4e;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fdIJ7pq5eRTrNwp1uRlMUHjBi0GG3mL8tHfVd1IpCFxEP2uw7anLcT5evFkBwJrYAmeY33HP5R2WeOr4cld8uzaomQRhePq8ivFc%2Fz4dfFTXFWq5nKAHQ3%2Bmtt7I4n63j8KEFeUG045QNZxw2ph2ms%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cf-ray 8bf650228fa0aab4-YYZ alt-svc h3=":443"; ma=86400 content-length 24678 expires Sat, 14 Sep 2024 11:21:03 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://emeklibasvurum.com/client-side/script.js?v=1 Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://emeklibasvurum.com/ Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
emeklibasvurum.com
2606:4700:3034::6815:688
2a04:4e42:600::649
2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544
3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166
4eb0a95d46a2a21d2a033af489807a56e8669c172839474ed2ab8865ee40994f
50b033e053c9707c86314ed31c05d31fd1768ede279d4b676de687d6b19ca122
678c04c996cbb569da0fc66d5801d09eb24c1c4389b8f3230e9b7b920f0a3035
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89
87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077
ee81740f6cc74f3e18b1a459058b371b76febbc1ae8b6365783f17a046212719

emeklibasvurum.com Open in urlscan Pro 2606:4700:3034::6815:688 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

444 kBTransfer

1334 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

emeklibasvurum.com Open in urlscan Pro
2606:4700:3034::6815:688 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

444 kB
Transfer

1334 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!