hizli-giris-ak.com Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hizli-giris-ak.com/
Effective URL:
https://hizli-giris-ak.com/
Submission: On May 26 via api (May 26th 2024, 12:48:04 pm UTC) from TR — Scanned from NL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is hizli-giris-ak.com.
TLS certificate: Issued by GTS CA 1P5 on May 26th 2024. Valid for: 3 months.

This is the only time hizli-giris-ak.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AKBank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 12	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	2a01:4f8:1c1b... 2a01:4f8:1c1b:cb09::1	24940 (HETZNER-AS) (HETZNER-AS)
14	3

12 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hizli-giris-ak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:1c1b:cb09::1 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)

api.pirsch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	hizli-giris-ak.com 1 redirects hizli-giris-ak.com	286 KB
2	pirsch.io api.pirsch.io — Cisco Umbrella Rank: 111213	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	31 KB
14	3

	Domain	Requested by
12	hizli-giris-ak.com	1 redirects hizli-giris-ak.com
2	api.pirsch.io	hizli-giris-ak.com api.pirsch.io
1	code.jquery.com	hizli-giris-ak.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
hizli-giris-ak.com GTS CA 1P5	`2024-05-26` - `2024-08-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.pirsch.io R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://hizli-giris-ak.com/
Frame ID: A7DE32AF0A3C6FCC17796953A0EB5497
Requests: 12 HTTP requests in this frame

Frame: https://hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 6598358A5D4BF4C37226F055CD565C40
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Akbank Mobil - Hoşçakalın!

Page URL History Show full URLs

http://hizli-giris-ak.com/ HTTP 307
https://hizli-giris-ak.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

320 kB
Transfer

1031 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hizli-giris-ak.com/ HTTP 307
https://hizli-giris-ak.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://hizli-giris-ak.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
hizli-giris-ak.com/
Redirect Chain

http://hizli-giris-ak.com/
https://hizli-giris-ak.com/

29 KB
5 KB

127ms
72ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e62c693caf9885d084645505d814820b18f9d846cef9097e0c29173f78de7b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 889de07e7c9cbbef-FRA
content-encoding: br
content-type: text/html
date: Sun, 26 May 2024 12:47:59 GMT
last-modified: Sun, 26 May 2024 11:48:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VqLwCXYiuqs01c2wRxARz1u%2FwcEKyOS0EDZUvXDYequRWhf9McQK3r7t38ZBuo%2FMvX2rIQFTlHoaiT0hzsBuqDODTot6vYtizTo%2BO9p3YSoP8AbbSRbyul1PaRuVT54dLGzbE98%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://hizli-giris-ak.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 core.css
hizli-giris-ak.com/ 553 KB
63 KB 55ms
54ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/core.css
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c9f52d4f036409fe38e10e15610cef5111e930b34674c31a752d6dcdc34a3f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:47:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 16:33:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3411
etag: W/"663ba952-8a34a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkCmTXWQUbBRglzEaEqzNvyhT2GhjxRHQQSBsTtS9tnhTsp%2FpbhGCxNEVBCzYnNHjR5R65H%2B27ABh%2FZn9HQPJLN9KDpmiTubpYS%2FJA1AkvHtFnAk%2BLstN6jV7LnPZFu5ioxGHj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 889de07eed5ebbef-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.css
hizli-giris-ak.com/ 154 KB
22 KB 36ms
36ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/main.css
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 154c9d6435e74eb37dbe0507d82e21fab233fd8e0d37f190da99fc5e98fdae87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:47:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 15:59:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3411
etag: W/"663ba152-266a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feUhDfPyS7Ukse8tMs0Mnff%2ByjS2m3%2FDoDIQGm50F9WTTtmPka2VjZu2AFD6cx%2Bo9NW%2FGFiCN2ZjZHo%2Bp5r6%2FGAFo91I2omN6aGMP2uTN1Ep1bKEuOVebmlG0sOHGWcvypZ1k1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 889de07eed61bbef-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 152ms
44ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:47:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 21927072
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-mad2200100-MAD
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716727680.946760,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 129, 73633

GET
H2 200 pa.js Show response
api.pirsch.io/ 10 KB
3 KB 92ms
34ms Script
text/javascript 2a01:4f8:1c1b:cb09::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pirsch.io/pa.js
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:1c1b:cb09::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Caddy /
Resource Hash: 81fecb72264213a39ca7c36d1763468f4a9604b3c52a923262e8e281582717e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:47:59 GMT
content-encoding: gzip
last-modified: Sun, 26 May 2024 08:54:06 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-Width, Sec-CH-Viewport-Width
server: Caddy
vary: Origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000

GET
H3 200 standart_logo.svg
hizli-giris-ak.com/ 2 KB
1 KB 35ms
34ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hizli-giris-ak.com/standart_logo.svg
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 988fdb5c83c68e79b83feb2df8fe1c479e81ad461c748a62b07f9cf978cbd884

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:47:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 01:51:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3410
etag: W/"65f64c96-77f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzdzyfVD71POJ9mdczxVTLbR7MY9NsZpi%2B50WJba%2FipLOpxswc4p%2B9fzZ5cYn7F1qNAPjPse0PUZHOFbExUWdW7eDyzK4VC1fnZdMnepvtx4aKF1WlUWgk4WNvkpNhPr%2B6yV%2FhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 889de07eed64bbef-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 sprite-icons-46d76763.svg
hizli-giris-ak.com/images/icons/sprite-icons/ 808 B
808 B 34ms
34ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hizli-giris-ak.com/images/icons/sprite-icons/sprite-icons-46d76763.svg
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/core.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/core.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Apr 2024 15:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQAapkRn4MRjNTMR2jg1xCXHdgjGIIV%2F%2BvsUkURwEt4F%2FLvzrhwJWX7F9sY9juvekaUKouVY84l7tmdoA69ukiYgYDuT%2F2cExuJ9nBd33%2BXiaUw%2FkDve%2BsiBxOZYUcr8md%2FJFEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 889de0803f0ebbef-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 OpenSans-Regular.woff
hizli-giris-ak.com/ 62 KB
63 KB 31ms
29ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/OpenSans-Regular.woff
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/main.css
Origin: https://hizli-giris-ak.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 01:51:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2510
etag: "65f64c96-f8e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyyZ5v4wURtGUzeh0MKsKFW2Fl81Kbw93twljCRxnB%2FYS3qV8tV%2Bccy4fHDczdKEfLLzywzG78plYMLHA6MT4hhWyxb3%2Br6sO%2FIqhbv1gi4sAHDnU%2B9qPQKkoyIxEnwdQXAngMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 889de0805f41bbef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63712

GET
H3 200 OpenSans-Semibold.woff
hizli-giris-ak.com/ 63 KB
63 KB 53ms
52ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/OpenSans-Semibold.woff
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f0887372375924df3b85539fcef9e754c10b86eacc70addf61e00f6b50f37e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/main.css
Origin: https://hizli-giris-ak.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 01:51:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2510
etag: "65f64c96-fb84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVuz2MsytcxV9IygwaDIGPM%2BlZSV%2FbOGcP%2BghwjLbwxP%2FOz6Tt9YUKMThOFGK%2BrXNwllxk0y%2F5DsBQg8m09kUJ%2BweaZVzJkh8dV0X1Q7H7okiaxJ5uiPPRWxsT4v%2BxKdqz%2FUq%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 889de0805f46bbef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 64388

GET
H3 200 OpenSans-Light.woff
hizli-giris-ak.com/ 61 KB
62 KB 73ms
72ms Font
font/woff 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/OpenSans-Light.woff
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8560f9bdddaa5e89f2d1d1403681932c574de5377c6d0dd5c1aa408c91a3e979

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/main.css
Origin: https://hizli-giris-ak.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 01:51:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2510
etag: "65f64c96-f57c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVFfC70zFJT%2FPvCGNmHdUc%2BX0Ha%2Bqk4Fj5lgws8qd33K1gJ7okRqzMXpM4pK5GiA2H3gqLn8ElTW6tzS5oTKicqKxmofb%2BawdNUfb%2B0RTMV%2F2Q8aT08a40Zr%2BEhNsX1OfL4RvNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 889de0805f49bbef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62844

GET
H2 200 hit Show response
api.pirsch.io/ 0
109 B 378ms
32ms XHR
text/plain 2a01:4f8:1c1b:cb09::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pirsch.io/hit?nc=1716727680047&code=vn5CA22wtYL3RGY0TRkGeFXIgx2mwJQf&url=https%3A%2F%2Fhizli-giris-ak.com%2F&t=Akbank%20Mobil%20-%20Ho%C5%9F%C3%A7akal%C4%B1n!&ref=&w=1600&h=1200
Requested by: Host: api.pirsch.io
URL: https://api.pirsch.io/pa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:1c1b:cb09::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Caddy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 26 May 2024 12:48:00 GMT
access-control-allow-credentials: true
server: Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 0
vary: Origin

GET
H3

200

main.js Show response
hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame 6598
Redirect Chain

https://hizli-giris-ak.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

8 KB
4 KB

29ms
27ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

Requested by

Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1c2810694b87dfbb14685a0ef65830846e24a281f8842049b78c640d82e750

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyJdI6rN%2BytxbFuPubQ%2BAl7gED%2FgpQaD8Kms2lxITTXZ8Q7p6mpaSsMe%2FW9tji9ELICOIfQUlJuwTsawWkkH2XXeHBiKzTNfPN%2F6LoJOtvzrxQErsULaHQWmQq0jA8zhXdsZ3xA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 889de080cfefbbef-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 26 May 2024 12:48:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUja1auZN0uvSsefclbuF59DfJ1YbJ%2FQn9zy4d9iiUgJvdXaKILOv6DXEHUuezBv%2Bwl08LNA8cOtyFla6Wzi9qgY%2BOu4JVbsWbadkAfIvzwkRt%2Ftdv2MvgVsv2sOuYBE%2F1j%2FDxk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control: max-age=300, public
cf-ray: 889de0805f54bbef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 404 favicon.ico
hizli-giris-ak.com/ 808 B
854 B 94ms
93ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://hizli-giris-ak.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 15:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSk3oK8QF9he8Lhj2DCLWZPfo58RgRCVTw%2BSS9PPntWn5jWXoVc3P5jn6lYfsxFE8Dnw%2FrFd1oy8cGVgizJU2gy18S0nZXIf8Y7zwyzM37qHXYyGWPZgmKINGsBNv%2FZGqNpdK90%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 889de080d803bbef-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 889de07e7c9cbbef Show response
hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6598 0
604 B 46ms
46ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hizli-giris-ak.com/cdn-cgi/challenge-platform/h/b/jsd/r/889de07e7c9cbbef
Requested by: Host: hizli-giris-ak.com
URL: https://hizli-giris-ak.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 May 2024 12:48:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sOPuNuUfVeEv1%2Brjw1sRdRJtRyOqOnhsFxkQ%2BAEMZyyQTDDn0rOeHHnbeC0TQz%2Fop%2Bdqlx5d7K%2BdFcT7VUDs8SyPvh0OWQWLuVH%2FjcEYDYoOHS1Y88hLUGhRYLxkr37wL3GvnVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 889de081a912bbef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AKBank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hizli-giris-ak.com/	1970-01-21 05:37:43	Name: cf_clearance Value: hwM7s1fCdrs_FQZJNN11We9rX7o9XHoJCGSU.TToq4w-1716727680-1.0.1.1-nxkKvlIlueSe3ZYsA0xSGuOtgRzy0nahNE2IvDTdGhYAzNIhGCgIZnFQvaQOOU4RW62lo3g.RnN_myI7GQEkCw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://hizli-giris-ak.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://hizli-giris-ak.com/images/icons/sprite-icons/sprite-icons-46d76763.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hizli-giris-ak.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pirsch.io
code.jquery.com
hizli-giris-ak.com
188.114.97.3
2a01:4f8:1c1b:cb09::1
2a04:4e42:600::649
154c9d6435e74eb37dbe0507d82e21fab233fd8e0d37f190da99fc5e98fdae87
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
81fecb72264213a39ca7c36d1763468f4a9604b3c52a923262e8e281582717e6
8560f9bdddaa5e89f2d1d1403681932c574de5377c6d0dd5c1aa408c91a3e979
988fdb5c83c68e79b83feb2df8fe1c479e81ad461c748a62b07f9cf978cbd884
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
ac1c2810694b87dfbb14685a0ef65830846e24a281f8842049b78c640d82e750
b3f0887372375924df3b85539fcef9e754c10b86eacc70addf61e00f6b50f37e
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
d2c9f52d4f036409fe38e10e15610cef5111e930b34674c31a752d6dcdc34a3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5e62c693caf9885d084645505d814820b18f9d846cef9097e0c29173f78de7b

hizli-giris-ak.com Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

320 kBTransfer

1031 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

hizli-giris-ak.com Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

320 kB
Transfer

1031 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!