www-pandemidestekbasvurulari2021giriskkb.com Open in urlscan Pro
2606:4700:3034::6815:4d55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www-pandemidestekbasvurulari2021giriskkb.com/
Submission: On May 26 via manual (May 26th 2021, 10:55:22 am UTC) from TR

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::6815:4d55, located in United States and belongs to CLOUDFLARENET, US. The main domain is www-pandemidestekbasvurulari2021giriskkb.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 26th 2021. Valid for: a year.

This is the only time www-pandemidestekbasvurulari2021giriskkb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Turkish Government (Government) BDDK (Banking)

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3034::6815:4d55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.3.2.97 31.3.2.97	21245 (NETSA-AS) (NETSA-AS)
19	2

18 2606:4700:3034::6815:4d55 (United States)

ASN13335 (CLOUDFLARENET, US)

www-pandemidestekbasvurulari2021giriskkb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.3.2.97 (Frankfurt am Main, Germany)

ASN21245 (NETSA-AS, TR)

cdn.e-devlet.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	www-pandemidestekbasvurulari2021giriskkb.com www-pandemidestekbasvurulari2021giriskkb.com	56 KB
1	e-devlet.gov.tr cdn.e-devlet.gov.tr	4 KB
19	2

	Domain	Requested by
18	www-pandemidestekbasvurulari2021giriskkb.com	www-pandemidestekbasvurulari2021giriskkb.com
1	cdn.e-devlet.gov.tr	www-pandemidestekbasvurulari2021giriskkb.com
19	2

This site contains links to these domains. Also see Links.

Domain
giris.turkiye.gov.tr
www.turkiye.gov.tr

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-26` - `2022-05-25`	a year	crt.sh
cdn.e-devlet.gov.tr GlobalSign RSA OV SSL CA 2018	`2020-02-28` - `2022-02-28`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www-pandemidestekbasvurulari2021giriskkb.com/
Frame ID: 4CD16EE8353E823B9D5C22F5B1830150
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

59 kB
Transfer

217 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://giris.turkiye.gov.tr/
Title: Ä°çeriğe Git

Search URL Search Domain Scan URL

URL: https://www.turkiye.gov.tr/iletisim?hizli=CozumMerkezi2
Title: Hızlı Çözüm Merkezi

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www-pandemidestekbasvurulari2021giriskkb.com/	11 KB 4 KB	88ms 43ms	Document text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 PleskLin Resource Hash `f868af3564d068d51b43fca8f57fa58780ad16c1dbb7f42ba9372450bb1cfa49` Request headers :method GET :authority www-pandemidestekbasvurulari2021giriskkb.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT content-type text/html x-powered-by PHP/5.4.16 PleskLin cf-cache-status DYNAMIC cf-request-id 0a49e9668e00002c322d989000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fGhatISVt2YnLpoYLaDoHdmv8svn3HJ2IreKwddyxEET%2BgiOqdgrGjvvdLfXkvBBBOk1%2F30DpwUbfcbTYRR4xSVDF8wQOfV1M9mOfKtuRJ1xga8poMH2radVzNRxPz9CPL21haVIJmAvd94KFF5hY8udYrA8F1EPyZL9%2FxFYDpc2IdvDIM0%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6556781daa692c32-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3-29	200	base.css www-pandemidestekbasvurulari2021giriskkb.com/index_files/	125 KB 19 KB	38ms 27ms	Stylesheet text/css	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `73f7279807a6872a399e9f1b335ddf2a847f29784d4f769adfe18e0f96c0f232` Request headers :path /index_files/base.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1634 x-powered-by PleskLin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966c50000175e08909000000001 last-modified Mon, 05 Oct 2020 08:36:20 GMT server cloudflare etag W/"5f7adb04-1f4c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=os70%2F7iZuuw3DvXYwn%2FFeMjIQ47YcXPKxI9gEE9efKOV4O3M6O3mbRpcuKQa%2FP8C%2FJoZp00EU8TY4LRxSKKX8gD4SceJF86L7D1W0U2BVbHpnvxraPpkboGlGamvagsQUpnStomI1Dv6fJU5yNYwxkvifL253BN8%2FgUnca9Anz%2BvH1YD2BM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 6556781e0ec3175e-FRA
GET H3-29	200	header.js Show response www-pandemidestekbasvurulari2021giriskkb.com/index_files/	10 KB 4 KB	33ms 22ms	Script application/javascript	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/header.js Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `5e002677cbc74b8ece199259c3000ad851348079c777165d04d76e7a28e0ca48` Request headers :path /index_files/header.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1634 x-powered-by PleskLin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966c60000175e3488a000000001 last-modified Mon, 05 Oct 2020 08:36:20 GMT server cloudflare etag W/"5f7adb04-2706" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6Gaysl4bEzpq9gzxtntvnYSR4DQy1uXIQEPJFrZqzzE7qU4hpgJ4Ymwh%2FBZfn7El05IX%2FL0hQRgnQVwU2Vf765OVP%2BbrIsrw%2BX6TuCjQ3FOJmPQHGVdAyCwK5B2fifgELLgdyiCvshWHmi0qfaxftBn1OOpzej3BFZjzz2o%2FYtz%2FzB51gQc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 6556781e0eca175e-FRA
GET H3-29	200	giris.css www-pandemidestekbasvurulari2021giriskkb.com/index_files/	44 KB 7 KB	32ms 21ms	Stylesheet text/css	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `7240d65c7509f145e5147366d7393a1fd182cac4e950b15d2089c62b7e282d41` Request headers :path /index_files/giris.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1634 x-powered-by PleskLin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966c60000175ef334c000000001 last-modified Mon, 05 Oct 2020 09:25:34 GMT server cloudflare etag W/"5f7ae68e-b0f9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bJfQoCyCExvNE0qVEdIq%2B0%2FPOFlt8lE9rhsVMqbtMjgUy5h0%2BCqx8rCQijzK5bLV3oQCcqnGDPFkhqccMQWWKrYg769FL5hf%2FeKfC%2FJ6c2n4ghrPWGtHUO2OlO0lVFQHopgK6Kzv2qLAwrHPVG27%2B14G3qngMgLddT96pmq7uNH89UrnoAs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 6556781e0ec7175e-FRA
GET H3-29	200	1.png www-pandemidestekbasvurulari2021giriskkb.com/index_files/	2 KB 2 KB	17ms 17ms	Image image/png	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/1.png Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18` Request headers :path /index_files/1.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1634 x-powered-by PleskLin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1855 cf-request-id 0a49e966e70000175e082c4000000001 last-modified Mon, 05 Oct 2020 08:36:20 GMT server cloudflare etag "5f7adb04-73f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1%2B7PnQjIXbG3qHXUNpEnGVha41GvfdgWQgieWAaxnRdGc%2Fc0aM3tjZGQIDeHsNPe9et8hy9pjvpu%2FK2QtyYwfvsm4MSPvBomoIAlXGwsf%2B7muvarAkB%2BPNNTRZOfEIZbfUsLH0jdi2%2BaJTJifm1O7l2J8Fy7RG5n1SHhnfCiVOI%2BTjVw9Ek%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6556781e3f7a175e-FRA
GET H3-29	200	form-progress.svg www-pandemidestekbasvurulari2021giriskkb.com/index_files/	1 KB 1 KB	17ms 16ms	Image image/svg+xml	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/form-progress.svg Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2` Request headers :path /index_files/form-progress.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1634 x-powered-by PleskLin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966eb0000175e26981000000001 last-modified Mon, 05 Oct 2020 08:36:20 GMT server cloudflare etag W/"5f7adb04-42c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tcPALXOgA1ElVcUm42LRDMNLI3wAXfXcEjkXlsR6HMHrPLeX5CANa6e%2BwtiKGW6%2Bz4rvE3gmiexE8GlUINPKpUdwrrEZewfZFxTgOw3yl6OdWjtS7XKfHTJG%2BzCu%2FgK5IZOc1mNmfTJGaBu48345Tgcizkwfy5iaP7Y8Ub6pL0JyWvLGKYY%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 6556781e4f92175e-FRA
GET H3-29	200	bb-ubak-tsat-black.png www-pandemidestekbasvurulari2021giriskkb.com/index_files/	15 KB 15 KB	17ms 17ms	Image image/png	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/bb-ubak-tsat-black.png Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb` Request headers :path /index_files/bb-ubak-tsat-black.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:05 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1634 x-powered-by PleskLin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15120 cf-request-id 0a49e966f00000175e68b55000000001 last-modified Mon, 05 Oct 2020 08:36:20 GMT server cloudflare etag "5f7adb04-3b10" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vSi1TDh7TvtqDAPpxE1tOUMr6fMiMwiIDz9b%2BqGnHofSH6LH5M19UJukQ7bmJtxa8vN7PBApPLekXrTN6M5kaHmRg%2BGWcO7JLGxy2%2BzT3cxncMhoJsFoTUGK3gLSISDqT4OuQ0TeAn%2ByxfMCLBr2D%2Bxq45XBmyBWBexpwXA0i8aOyLbowyg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6556781e4fa2175e-FRA
GET H2	200	edkkds.svg cdn.e-devlet.gov.tr/themes/izmir/images/	9 KB 4 KB	40ms 7ms	Image image/svg+xml	31.3.2.97 NETSA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.e-devlet.gov.tr/themes/izmir/images/edkkds.svg Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.3.2.97 Frankfurt am Main, Germany, ASN21245 (NETSA-AS, TR), Reverse DNS Software MNCDN-2140 / Resource Hash `39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691` Request headers Referer https://www-pandemidestekbasvurulari2021giriskkb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding gzip last-modified Fri, 05 Jan 2018 11:42:29 GMT server MNCDN-2140 x-mnrequest-id 96186e053557dc7ceb6b7500e84adffb x-edge-location DE-372 etag W/"5a4f64a5-222a" x-cache-status Edge : HIT, vary Accept-Encoding, Accept-Encoding, User-Agent content-type image/svg+xml access-control-allow-origin * cache-control max-age=7776000 x-mserver 2200 expires Tue, 24 Aug 2021 10:55:06 GMT
GET H3-29	404	opensans-regular-webfont.1.woff www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	48ms 47ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-regular-webfont.1.woff Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-regular-webfont.1.woff pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pq%2BeCCXPOFbY9Z4HJBXBwC0vvqY1N9vf46q5XG7tpXFcEU%2BuWWGRpQ56W7sAN4Zo3abjFDQVbGyzvyyRvAQ6lxUdj9qdat0qPFgr26ekOqNUL51brYuHZZ%2FMdAMP1OE6tiosQPOgco7wEhDJBDSwa2ay3Tf3D%2BmUm4zhyLWyZUDbzRA7OwA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781e5fc5175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966fc0000175ede19b000000001
GET H3-29	404	button-right.1.svg www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/images/	808 B 808 B	48ms 48ms	Image text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/images/button-right.1.svg Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187` Request headers :path /themes/izmir/images/button-right.1.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Kub7N7MzAr35rKMzx50z1w%2F7S24clzMbZigouC4UdBoSwNs39XmgPCL0m0p98GgmtxVpES7rTf1A%2F75WOAuC8MJCOU44czg2SIfIf%2BImQNSLD%2FqM53Aan%2FCQrFdMy9o0TRPCMS1DHO2ynzi2LCBx1CICF0Xo8So2IzL%2F9anWW436GnjhUIc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781e5fca175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966f90000175e050e5000000001
GET H3-29	404	arrow-left.1.svg www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/images/	808 B 808 B	48ms 48ms	Image text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/images/arrow-left.1.svg Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187` Request headers :path /themes/izmir/images/arrow-left.1.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css :scheme https sec-fetch-site same-origin :method GET Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/giris.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IJXYwHyDVmt0YwJf5Kn6WXZUQJBtpIOTo0%2BRS8UAnBJ%2FzP1LGFUVwCtIqR6XyUhCH%2FIdDhkjeufBc2VLjdLUmfLhVP%2FBG0Jab8uB2nCm1wXRJ1ibLnYWyrypH5h5Pa3wH8bof%2FJmRO1me2LlnaO6uXTZ1AM3YkBO0vmL2pVJFNHfg84N3fE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781e5fcc175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966f90000175ee70ac000000001
GET H3-29	404	opensans-bold-webfont.1.woff www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	44ms 44ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-bold-webfont.1.woff Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-bold-webfont.1.woff pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5BNIsyqUVzM8jz3TWSpXsRZAraN0uYrK9JbhYH%2B4Y%2FoNvwFej0DZw60MNF%2F53heuRJEEKj7TWLl6mfXuo%2BFZkrotPbN3Lv1FglcniD8jqG0bS8dHFPwzf9g%2FC9zVkch8UmX5KugwNRaY28fa2Ec%2F2Wv10%2BiK1C9sn5vLs3FTTuGPdVG0FEw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781e5fce175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966f90000175e26982000000001
GET H3-29	404	opensans-light-webfont.1.woff www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	39ms 39ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-light-webfont.1.woff Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-light-webfont.1.woff pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZaGXY7CXcvGSBLc%2B8AyyJJneaFUHn6GhWwzEEtDyzErohZZU5bsFTj0MgQCLZJ%2F1wvYFH8Lf4NOJEBRnElxCPRjBVTqqZr5DZ5tUymUz82ydS%2B3c%2Fxl6ApESMM0nR5UKFCmzzoWAyWN8azPeqXEr9lLmfh67PLEqAWKEEUp%2BR9iTY03OpPY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781e5fd0175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e966fa0000175e4c259000000001
GET H3-29	404	opensans-light-webfont.1.woff2 www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	46ms 46ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-light-webfont.1.woff2 Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-light-webfont.1.woff2 pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=731yTeua3EsdMncg5%2BGXmQuFX7wTv40wESmjmqEy2EmAM64Nd0TzKVDzzTOw9aJ4nsHAtenlPvLb%2FAjBUBeJf2ne9u8KWoIE4cTVCcREudhPaTS6QhPA9WtU4lkK5q9cSbONXgEKQxNwGq0PFDi3Hk0cBL2Bdraz6%2FfcEom%2BJYIS7F2CAPE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781e9857175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e967210000175e082cb000000001
GET H3-29	404	opensans-regular-webfont.1.woff2 www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	44ms 44ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-regular-webfont.1.woff2 Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-regular-webfont.1.woff2 pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2Nsxwcnwxa7Gme4ngvqHPozbTpKc3%2BmcZIoCjdCuC0WpVVMumEoGG9mXyMPsTJrpNTEQdMWRIPIbEgOhIDRgolHjvlINimJ3hRKhZbGOXU4Q%2FggOgJmXmrEdsn9QY6Wj%2BIBWQxcSxplr9G6Wj4N4McOGGmzv8ON7zc2Rw3qkZ76jRaKOUf8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781ea86d175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e967270000175e53953000000001
GET H3-29	404	opensans-bold-webfont.1.woff2 www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	42ms 42ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-bold-webfont.1.woff2 Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-bold-webfont.1.woff2 pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qkbs2ctkFE2q10fEo%2FeUYTEL59yVpO0lop1c4Uh2DC6z%2B8xJMoCyx%2BXGcdV%2FU4r2xqeedlhTemPHaOiQ%2F1eA%2Bhx2L4qWA1%2FdaKu2KnuwouFdN5X9OD%2F1XI3i3KO3o2ZwlBih9pMYjZkofMsnR78bFmphtu7%2B6sf%2BV8LNuGU%2Bbuz8WJbkWEA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781ea86f175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e967270000175e3b882000000001
GET H3-29	404	opensans-light-webfont.1.ttf www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	40ms 39ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-light-webfont.1.ttf Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-light-webfont.1.ttf pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y5g40qBVgAWxgEDtiOgZeto88OTuhynk%2FIaMh5egwFsIpjJbAhBcWOWQmR58%2F7Nm25i2JUtylHhoCKYQuwIP3Bt7DtFKJHuQlww%2F5CTRFQ3egpT7dhgL7xjlAksIjQerIOxu%2B%2BeAVG6OnfF3C6SKumB2%2BsL7WYTC%2B%2BJW5Pn6jEBiCeAnbHM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781ee8db175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e967510000175ef9973000000001
GET H3-29	404	opensans-bold-webfont.1.ttf www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	40ms 40ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-bold-webfont.1.ttf Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-bold-webfont.1.ttf pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NhnABFLMDBdSfvAXUVHeRZnnbziwgpWRhQ%2BoIpBbOAkilDyDEBuAA2qxXAIxRDhF6U3OculzyUY%2FKwDYDh7PLAMIYvcPxez7XFi2Hl8b2Bd0k77ibSeIceQHLjqEIrDCg9pm4ICZkU8koKj6XUR%2BeKp77GHpM%2F7Qf9T19ShOwn746iKsa0U%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781ee8dc175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e967510000175e0100a000000001
GET H3-29	404	opensans-regular-webfont.1.ttf www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/	0 0	45ms 45ms	Font text/html	2606:4700:3034::6815:4d55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www-pandemidestekbasvurulari2021giriskkb.com/themes/izmir/fonts/opensans-regular-webfont.1.ttf Requested by Host: www-pandemidestekbasvurulari2021giriskkb.com URL: https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4d55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /themes/izmir/fonts/opensans-regular-webfont.1.ttf pragma no-cache origin https://www-pandemidestekbasvurulari2021giriskkb.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority www-pandemidestekbasvurulari2021giriskkb.com referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css :scheme https sec-fetch-site same-origin :method GET Origin https://www-pandemidestekbasvurulari2021giriskkb.com Referer https://www-pandemidestekbasvurulari2021giriskkb.com/index_files/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 26 May 2021 10:55:06 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 26 May 2021 10:12:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ERMT54bwlmgN6AQ943GCG934MVDMGdYu6G%2FXM6VH81UE%2B67ixh3604DChQ5uurEZJmzPNEXMEVnm9WvnM7ZGyeaq0JlNHqT3avYpdok0CbZSj3o97Q%2BL72VTyLrFgWe0wodEgu8TrciHvotJDiO0RBOjvuYhhnM4IsRiZnZFpkOjLS%2F6zuM%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6556781ee8e4175e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a49e967530000175e1981e000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Turkish Government (Government) BDDK (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.e-devlet.gov.tr
www-pandemidestekbasvurulari2021giriskkb.com
2606:4700:3034::6815:4d55
31.3.2.97
39966ec7eea8f508184cef9f98895a0e8d74e3328a43cc8a93c528cfca888691
5e002677cbc74b8ece199259c3000ad851348079c777165d04d76e7a28e0ca48
7240d65c7509f145e5147366d7393a1fd182cac4e950b15d2089c62b7e282d41
73f7279807a6872a399e9f1b335ddf2a847f29784d4f769adfe18e0f96c0f232
a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
f868af3564d068d51b43fca8f57fa58780ad16c1dbb7f42ba9372450bb1cfa49
ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

www-pandemidestekbasvurulari2021giriskkb.com Open in urlscan Pro 2606:4700:3034::6815:4d55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

59 kBTransfer

217 kBSize

0 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

0 Cookies

Indicators

www-pandemidestekbasvurulari2021giriskkb.com Open in urlscan Pro
2606:4700:3034::6815:4d55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

59 kB
Transfer

217 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!