krediislemleri.org
2606:4700:3034::6815:3a5e
Malicious Activity!
Public Scan
Submission Tags: @ecarlesi threat #phishing #trcert
Submission: On July 03 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on July 2nd 2023. Valid for: 3 months.
This is the only time krediislemleri.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BDDK (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
24 | 2606:4700:3034::6815:3a5e | 13335 (CLOUDFLARENET) |
24 | 2 |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
24 | krediislemleri.org | krediislemleri.org | 201 KB |
24 | 1 |
 | Domain | Requested by |
---|---|---|
24 | krediislemleri.org | krediislemleri.org |
24 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
krediislemleri.org | GTS CA 1P5 | 2023-07-02 - 2023-09-30 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://krediislemleri.org/E-Devlet.html
Frame ID: 7CB338DFCE75E8D43B0B7C2789B8AC81
Requests: 26 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | E-Devlet.html (Primary Request) | krediislemleri.org/ | 23 KB | 5 KB | Document | text/html |
GET | H2 | base.css | krediislemleri.org/cdn/ | 99 KB | 16 KB | Stylesheet | text/css |
GET | H2 | header.js | krediislemleri.org/cdn/ | 10 KB | 5 KB | Script | application/javascript |
GET | H2 | giris.css | krediislemleri.org/cdn/ | 42 KB | 8 KB | Stylesheet | text/css |
GET | H3 | common_messages_tr.1.7.js | krediislemleri.org/themes/izmir/js/es/ | 2 KB | 1 KB | Script | application/javascript |
GET | H3 | 1.png | krediislemleri.org/themes/istanbul/images/agencies/ | 2 KB | 2 KB | Image | image/png |
GET | H3 | form-progress.svg | krediislemleri.org/themes/izmir/images/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H3 | common.js | krediislemleri.org/cdn/ | 198 KB | 69 KB | Script | application/javascript |
GET | H3 | giris.js | krediislemleri.org/cdn/ | 7 KB | 3 KB | Script | application/javascript |
GET | H3 | jquery.jcryption.js | krediislemleri.org/cdn/ | 65 KB | 22 KB | Script | application/javascript |
GET | DATA | truncated | / | 82 B | 0 | Image | image/webp |
GET | DATA | truncated | / | 38 B | 0 | Image | image/webp |
GET | H3 | edkkds.svg | krediislemleri.org/themes/izmir/images/ | 9 KB | 4 KB | Image | image/svg+xml |
GET | H3 | auth-methods.85.svg | krediislemleri.org/themes/izmir/images/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H3 | open-sans-v18-latin-ext_latin-regular.85.woff2 | krediislemleri.org/themes/izmir/fonts/opensans/ | 19 KB | 19 KB | Font | font/woff2 |
GET | H3 | button-right.85.svg | krediislemleri.org/themes/izmir/images/ | 448 B | 748 B | Image | image/svg+xml |
GET | H3 | arrow-left.85.svg | krediislemleri.org/themes/izmir/images/ | 393 B | 711 B | Image | image/svg+xml |
GET | H3 | open-sans-v18-latin-ext_latin-600.85.woff2 | krediislemleri.org/themes/izmir/fonts/opensans/ | 20 KB | 20 KB | Font | font/woff2 |
GET | H3 | open-sans-v18-latin-ext_latin-300.85.woff2 | krediislemleri.org/themes/izmir/fonts/opensans/ | 19 KB | 20 KB | Font | font/woff2 |
GET | H3 | edk.85.85.woff | krediislemleri.org/themes/izmir/fonts/ | 0 | 0 | Font | text/html |
GET | H3 | edk.85.85.ttf | krediislemleri.org/themes/izmir/fonts/ | 0 | 0 | Font | text/html |
GET | H3 | bridge.v16.1.7.js | krediislemleri.org/cdn/favicon-196x196.png/themes/antalya/ | 0 | 0 | Script | text/html |
GET | H3 | CryptoServlet | krediislemleri.org/ | 315 B | 639 B | XHR | text/html |
POST | H3 | datach.php | krediislemleri.org/ | 315 B | 645 B | XHR | text/html |
POST | H3 | datach.php | krediislemleri.org/ | 315 B | 644 B | XHR | text/html |
POST | H3 | datach.php | krediislemleri.org/ | 315 B | 640 B | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BDDK (Banking)
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
credentialless | boolean |
onbeforetoggle | object |
onscrollend | object |
html5 | object |
Modernizr | object |
edDic | object |
_typeof | function |
staticServer | string |
is | object |
edRun | object |
loadTextTrack | function |
parseSRT | function |
textTrack | object |
textTrackCounter | object |
currentText | object |
timecode_min | function |
timecode_max | function |
tcsecs | function |
paths | object |
eds | object |
edkLoaderParams | object |
edl | object |
edCom | object |
open_accessibility_menu | function |
close_accessibility_menu | function |
is_accessibility_menu_open | function |
toggle_accessibility_menu | function |
open_user_menu | function |
close_user_menu | function |
is_user_menu_open | function |
toggle_user_menu | function |
uts | object |
uan | object |
$ | function |
jQuery | function |
RateYo | function |
Cookies | function |
antalya | object |
Sifter | function |
MicroPlugin | object |
Selectize | function |
runEdTagsAction | function |
commonEdTagActions | object |
initializeHelpers | function |
JSEncryptExports | object |
JSEncrypt | function |
CryptoJS | object |
Hex | object |
Base64 | object |
ASN1 | function |
gonder | function |
searcherNs1 | object |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
krediislemleri.org/ | | Name: top-menu-state Value: closed |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
krediislemleri.org
2606:4700:3034::6815:3a5e