safelinks.arcelik.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 212.115.22.30, located in Istanbul, Turkey and belongs to BORUSANTELEKOM-AS, TR. The main domain is safelinks.arcelik.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 2nd 2023. Valid for: a year.

This is the only time safelinks.arcelik.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

download 85 KB application/pdf

SHA256: c1c9464b3c0acb72bfe9ce72fbe74087e87674c3fee8d7376c916ebdfedefd24

MIME: PDF document, version 1.7

Size: 85 KB (87546 bytes, 100% done)

Downloaded from: https://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8

Domain & IP information

	IP Address	AS Autonomous System
2	212.115.22.30 212.115.22.30	15924 (BORUSANTE...) (BORUSANTELEKOM-AS)
1 2	185.40.75.135 185.40.75.135	199484 (SAGLAYICI) (SAGLAYICI)
3	2

2 212.115.22.30 (Istanbul, Turkey)

ASN15924 (BORUSANTELEKOM-AS, TR)

safelinks.arcelik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.40.75.135 (Istanbul, Turkey) 1 redirects

ASN199484 (SAGLAYICI, TR)
PTR: 185-40-75-135.rdns.saglayici.net

cis.acischools.k12.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	acischools.k12.tr 1 redirects cis.acischools.k12.tr	309 B
2	arcelik.com safelinks.arcelik.com	3 KB
3	2

	Domain	Requested by
2	cis.acischools.k12.tr	1 redirects safelinks.arcelik.com
2	safelinks.arcelik.com	safelinks.arcelik.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
*.arcelik.com GlobalSign RSA OV SSL CA 2018	`2023-03-02` - `2024-04-02`	a year	crt.sh
*.acischools.k12.tr Sectigo RSA Domain Validation Secure Server CA	`2023-03-04` - `2024-03-14`	a year	crt.sh

This page contains 1 frames:

Frame: https://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8
Frame ID: D8D185BDF38EA8F941404733D4574D41
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FortiMail Click Protection: Evaluating URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3 kB
Transfer

5 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8 HTTP 302
https://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
safelinks.arcelik.com/fmlurlsvc/ 5 KB
2 KB 557ms
74ms Document
text/html 212.115.22.30
BORUSANTELEKOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://safelinks.arcelik.com/fmlurlsvc/?fewReq=:B:JVI2PTk7Nip6MT4iPCplaDE8PTY8PSp/ZWtibXh5fmkxbjw+aTs8ND9tP248b2g9bj9pPz85NG9vPG00aG0+PD8/NW45Pm1qPyp4MT07PDg/OT04NToqfWVoMTg8ODp7Szt+PD00OTQ+ITg8ODp7Szt4PD00OTQ+Kn5vfHgxYWlgZX8if2lib2l+TG1+b2lgZWcib2NhInh+Km8xPzwqZGhgMTw=&url=http%3a%2f%2fcis.acischools.k12.tr%2fBelgeYonetimi%2fEmailDokumanIndirByDokumanGuid%3fDokumanGuid%3d602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.115.22.30 Istanbul, Turkey, ASN15924 (BORUSANTELEKOM-AS, TR),

Reverse DNS

Software

/

Resource Hash

5055df5d3d2c1137e6fcc233d4982b1afa8a9f8d686b494cf24c4b31bd878d7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1726
Content-Security-Policy: script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Content-Type: text/html; CharSet=utf-8
Date: Wed, 14 Feb 2024 13:02:08 GMT
Keep-Alive: timeout=5, max=100
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

POST
H/1.1 302
Found / Show response
safelinks.arcelik.com//fmlurlsvc/ 136 B
585 B 515ms
515ms XHR
text/plain 212.115.22.30
BORUSANTELEKOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://safelinks.arcelik.com//fmlurlsvc/?fewReq=:B:JVI2PTk7Nip6MT4iPCplaDE8PTY8PSp/ZWtibXh5fmkxbjw+aTs8ND9tP248b2g9bj9pPz85NG9vPG00aG0+PD8/NW45Pm1qPyp4MT07PDg/OT04NToqfWVoMTg8ODp7Szt+PD00OTQ+ITg8ODp7Szt4PD00OTQ+Kn5vfHgxYWlgZX8if2lib2l+TG1+b2lgZWcib2NhInh+Km8xPzwqZGhgMTw=&url=http%3a%2f%2fcis.acischools.k12.tr%2fBelgeYonetimi%2fEmailDokumanIndirByDokumanGuid%3fDokumanGuid%3d602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8&fmlEvlTk

Requested by

Host: safelinks.arcelik.com
URL: https://safelinks.arcelik.com/fmlurlsvc/?fewReq=:B:JVI2PTk7Nip6MT4iPCplaDE8PTY8PSp/ZWtibXh5fmkxbjw+aTs8ND9tP248b2g9bj9pPz85NG9vPG00aG0+PD8/NW45Pm1qPyp4MT07PDg/OT04NToqfWVoMTg8ODp7Szt+PD00OTQ+ITg8ODp7Szt4PD00OTQ+Kn5vfHgxYWlgZX8if2lib2l+TG1+b2lgZWcib2NhInh+Km8xPzwqZGhgMTw=&url=http%3a%2f%2fcis.acischools.k12.tr%2fBelgeYonetimi%2fEmailDokumanIndirByDokumanGuid%3fDokumanGuid%3d602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.115.22.30 Istanbul, Turkey, ASN15924 (BORUSANTELEKOM-AS, TR),

Reverse DNS

Software

/

Resource Hash

7aa262ac7ee4a04f714735ce8de5247e57a6e9add30e7a9a8550b27ad32c2a7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safelinks.arcelik.com/fmlurlsvc/?fewReq=:B:JVI2PTk7Nip6MT4iPCplaDE8PTY8PSp/ZWtibXh5fmkxbjw+aTs8ND9tP248b2g9bj9pPz85NG9vPG00aG0+PD8/NW45Pm1qPyp4MT07PDg/OT04NToqfWVoMTg8ODp7Szt+PD00OTQ+ITg8ODp7Szt4PD00OTQ+Kn5vfHgxYWlgZX8if2lib2l+TG1+b2lgZWcib2NhInh+Km8xPzwqZGhgMTw=&url=http%3a%2f%2fcis.acischools.k12.tr%2fBelgeYonetimi%2fEmailDokumanIndirByDokumanGuid%3fDokumanGuid%3d602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 14 Feb 2024 13:02:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Access-Control-Allow-Origin: "*"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
X-XSS-Protection: 1; mode=block

GET
H2

200

EmailDokumanIndirByDokumanGuid
cis.acischools.k12.tr/BelgeYonetimi/
Redirect Chain

http://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8
https://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8

0
0

436ms
264ms

Document
application/pdf

185.40.75.135
SAGLAYICI

General

Check archive.org

Show headers Download Go to

Full URL: https://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8
Requested by: Host: safelinks.arcelik.com
URL: https://safelinks.arcelik.com/fmlurlsvc/?fewReq=:B:JVI2PTk7Nip6MT4iPCplaDE8PTY8PSp/ZWtibXh5fmkxbjw+aTs8ND9tP248b2g9bj9pPz85NG9vPG00aG0+PD8/NW45Pm1qPyp4MT07PDg/OT04NToqfWVoMTg8ODp7Szt+PD00OTQ+ITg8ODp7Szt4PD00OTQ+Kn5vfHgxYWlgZX8if2lib2l+TG1+b2lgZWcib2NhInh+Km8xPzwqZGhgMTw=&url=http%3a%2f%2fcis.acischools.k12.tr%2fBelgeYonetimi%2fEmailDokumanIndirByDokumanGuid%3fDokumanGuid%3d602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.40.75.135 Istanbul, Turkey, ASN199484 (SAGLAYICI, TR),
Reverse DNS: 185-40-75-135.rdns.saglayici.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-disposition: attachment;filename=2. AÇI DÖNEMİ GR12 TELAFİ TAKVİMİ.pdf
content-type: application/pdf
date: Wed, 14 Feb 2024 13:02:09 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

Content-Length: 246
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 13:02:09 GMT
Location: https://cis.acischools.k12.tr/BelgeYonetimi/EmailDokumanIndirByDokumanGuid?DokumanGuid=602d0e18-3bf6-4089-9bc6-84fbaf1ec4d8
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clickProtection

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cis.acischools.k12.tr/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: srb4w2z0blsjrllcs0fhowcq

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cis.acischools.k12.tr
safelinks.arcelik.com
185.40.75.135
212.115.22.30
5055df5d3d2c1137e6fcc233d4982b1afa8a9f8d686b494cf24c4b31bd878d7a
7aa262ac7ee4a04f714735ce8de5247e57a6e9add30e7a9a8550b27ad32c2a7c

safelinks.arcelik.com Open in urlscan Pro 212.115.22.30 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

3 kBTransfer

5 kBSize

1 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

safelinks.arcelik.com Open in urlscan Pro
212.115.22.30 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3 kB
Transfer

5 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions