Windows Analysis Report
http://768867125.com

Overview

General Information

Sample URL:	http://768867125.com
Analysis ID:	1468115
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

HTML body contains low number of good links

HTML body contains password input but no form action

HTML title does not match URL

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://768867125.com

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://768867125.com/content/core/scripts/akbankdirekt-browserdetect-plugins.min.js?v=1.0.34	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/akbankdirekt-core.min.js?v=1.1.11	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/back.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/close.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/Language/Language?culture=tr-TR&forced=&version=	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/akbankdirekt-parts.js?v=1.0.12	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/login-refresh-captcha.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/login-refresh-captcha.svg	Avira URL Cloud: Label: phishing
Source: http://768867125.com/	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/loan-g.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/icheck/js/icheck.min.js	Avira URL Cloud: Label: phishing
Source: https://768867125.com/app/main-built.js?version=	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/loan-g.svg	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/dt-w.svg	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/dt-w.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/akbankdirekt-core-plugins.min.js?v=1.0.34	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://768867125.com

LLM: Score: 9 brands: Akbank Reasons: The URL 'https://768867125.com' is highly suspicious as it does not match the legitimate domain 'akbank.com' associated with Akbank. The image shows a prominent login form requesting sensitive information such as customer number and password, which is a common tactic used in phishing attacks. Additionally, the domain name appears to be a random string of numbers, which is another red flag for phishing. There is no CAPTCHA present, which is often used by legitimate sites to prevent automated attacks. The combination of these factors strongly suggests that this is a phishing site. DOM: 0.0.pages.csv

HTML body contains low number of good links

Source: https://768867125.com/

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://768867125.com/

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML title does not match URL

Source: https://768867125.com/

HTTP Parser: Title: Akbank Mobil - Hoakaln! does not match URL

Source: https://768867125.com/

HTTP Parser: <input type="password" .../> found

Source: https://768867125.com/

HTTP Parser: No favicon

Source: https://768867125.com/

HTTP Parser: No <meta name="author".. found

Source: https://768867125.com/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 768867125.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-browserdetect-plugins.min.js?v=1.0.34 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/styles/akbankdirekt-core.min.css?v=1.1.11 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/styles/akbankdirekt-core-plugins.min.css?v=1.0.34 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/styles/dist/css/application-styles-mobile.min.css?1.0.11 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/icheck/css/skins/square/custom.css HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/icheck/css/skins/square/grey.css HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/dt-w.svg HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-core.min.js?v=1.1.11 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-core-plugins.min.js?v=1.0.34 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-parts.js?v=1.0.12 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Language/Language?culture=tr-TR&forced=&version= HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/icheck/js/icheck.min.js HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/main-built.js?version= HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/login-refresh-captcha.svg HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/loan-g.svg HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/back.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/close.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/sprite-icons/sprite-icons-46d76763.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mobilsube.akbank.com.tr/content/application/styles/dist/css/application-styles-mobile.min.css?1.0.11Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/standart_logo.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/dt-w.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/login-refresh-captcha.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/loan-g.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/back.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/close.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/standart_logo.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Regular/OpenSans-Regular.woff HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Semibold/OpenSans-Semibold.woff HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Light/OpenSans-Light.woff HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/sprite-icons/sprite-icons-46d76763.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Regular/OpenSans-Regular.ttf HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Semibold/OpenSans-Semibold.ttf HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Light/OpenSans-Light.ttf HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 768867125.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: 768867125.com
Source: global traffic	DNS traffic detected: DNS query: mobilsube.akbank.com.tr
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:28 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:36 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes

Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/application/images/standart_logo.svg
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/application/styles/dist/css/application-styles-mobile.min.cs
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/scripts/icheck/css/skins/square/custom.css
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/scripts/icheck/css/skins/square/grey.css
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-core-plugins.min.css?v=1.0.34
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-core.min.css?v=1.1.11
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.win@17/52@10/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 --field-trial-handle=2412,i,8585168285471206829,16212310513850043636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://768867125.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 --field-trial-handle=2412,i,8585168285471206829,16212310513850043636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
213.202.218.221	768867125.com	Germany	24961	MYLOC-ASIPBackboneofmyLocmanagedITAGDE	true
217.169.192.95	mobilsube.akbank.com.tr	Turkey	12794	AKNET-AKBANKTR	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
216.58.212.132	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.5

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.214.172	true
mobilsube.akbank.com.tr	217.169.192.95	true
www.google.com	216.58.212.132	true
768867125.com	213.202.218.221	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://768867125.com/content/core/scripts/akbankdirekt-browserdetect-plugins.min.js?v=1.0.34	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/core/scripts/akbankdirekt-core.min.js?v=1.1.11	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/application/images/icons/back.png	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/application/images/icons/close.png	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/core/fonts/OpenSans/Regular/OpenSans-Regular.woff	false	Avira URL Cloud: safe	unknown
https://768867125.com/Language/Language?culture=tr-TR&forced=&version=	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/core/scripts/icheck/css/skins/square/grey.css	false	Avira URL Cloud: safe	unknown
https://768867125.com/content/core/scripts/akbankdirekt-parts.js?v=1.0.12	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-core-plugins.min.css?v=1.0.34	false	Avira URL Cloud: safe	unknown
https://768867125.com/	true		unknown
https://768867125.com/content/application/images/icons/login-refresh-captcha.png	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/core/fonts/OpenSans/Regular/OpenSans-Regular.ttf	false	Avira URL Cloud: safe	unknown
https://mobilsube.akbank.com.tr/content/core/fonts/OpenSans/Semibold/OpenSans-Semibold.ttf	false	Avira URL Cloud: safe	unknown
https://768867125.com/favicon.ico	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/application/images/icons/login-refresh-captcha.svg	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/application/images/standart_logo.svg	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://mobilsube.akbank.com.tr/content/core/fonts/OpenSans/Light/OpenSans-Light.ttf	false	Avira URL Cloud: safe	unknown
http://768867125.com/	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/application/images/icon-set/loan-g.png	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/core/scripts/icheck/js/icheck.min.js	true	Avira URL Cloud: phishing	unknown
https://768867125.com/app/main-built.js?version=	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12	false	Avira URL Cloud: safe	unknown
https://mobilsube.akbank.com.tr/content/application/images/icons/sprite-icons/sprite-icons-46d76763.svg	false	Avira URL Cloud: safe	unknown
https://mobilsube.akbank.com.tr/content/core/fonts/OpenSans/Light/OpenSans-Light.woff	false	Avira URL Cloud: safe	unknown
https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-core.min.css?v=1.1.11	false	Avira URL Cloud: safe	unknown
https://mobilsube.akbank.com.tr/content/core/scripts/icheck/css/skins/square/custom.css	false	Avira URL Cloud: safe	unknown
https://768867125.com/content/application/images/icon-set/loan-g.svg	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/application/styles/dist/css/application-styles-mobile.min.css?1.0.11	false	Avira URL Cloud: safe	unknown
https://768867125.com/content/application/images/icon-set/dt-w.svg	true	Avira URL Cloud: phishing	unknown
https://mobilsube.akbank.com.tr/content/core/fonts/OpenSans/Semibold/OpenSans-Semibold.woff	false	Avira URL Cloud: safe	unknown
https://768867125.com/content/application/images/icon-set/dt-w.png	true	Avira URL Cloud: phishing	unknown
https://768867125.com/content/core/scripts/akbankdirekt-core-plugins.min.js?v=1.0.34	true	Avira URL Cloud: phishing	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 46	ASCII text, with very long lines (65536), with no line terminators	D1978E185F1377F6C6F93373EE92DD52	174434AE7AB1345E7AE8C1C162B3FE83A84CE33F	727146D6B88E62BA4D16326D4030FC9EB5B6F8FA1A402050C483C65646BC9B84
Chrome Cache Entry: 47	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 48	SVG Scalable Vector Graphics image	FDCD71BA1A80DB48089A2674903F0634	2ACA3182CEA149C92424BAD39F1F2E7278DFBB00	988FDB5C83C68E79B83FEB2DF8FE1C479E81AD461C748A62B07F9CF978CBD884
Chrome Cache Entry: 49	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 50	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 51	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 52	HTML document, Unicode text, UTF-8 text, with very long lines (518)	DEEF32075CECBDF5DEC2B3DDFB0210F2	2BB465C7F86F1B5E1571AC7781E9CE44CDE5CB1E	BA1D46777CE2173AE07EF818687F6B1E4E2AF5B160B64BE8E2EC7E55403D4A33
Chrome Cache Entry: 53	TrueType Font data, 18 tables, 1st "FFTM"	61494C83E20EEC54016CCCD9C2759E43	B33FC6D26FF3F2AAF6EA5BBBE70469DAFE18BE66	D42B76AFBE690FE8E03B6040AFCA8D51B856815B1928A0F2682939F8AFF60A18
Chrome Cache Entry: 54	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 55	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 56	SVG Scalable Vector Graphics image	46D7676320EC3A3CD4685D8010792BC8	60F33618D55F6AF53F1281990A4570BB7CA4BD27	C105B2FEF80A493A634169507E58968440CA4D74B267E8A0F3A0E31828F44950
Chrome Cache Entry: 57	ASCII text, with no line terminators	324775F5FD18656CD43909618CC01305	F94E5CE38CB8C0F1832FE1008E6C7690378D8558	9DD47354F35286342345495E2809FB5A1494A96DE3DE6C6A64D6228D88AD8F84
Chrome Cache Entry: 58	ASCII text, with very long lines (2932), with no line terminators	AA3BADBFCC3E5D5DE3C658D6992FE16C	2452FC9D934706116EC7FE1F863BDB699DBD6D96	0020F426B58B7A2E17EDF6C0C634B326CDD3213F28E2D820BFFDE65B71AF7BB3
Chrome Cache Entry: 59	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 60	ASCII text, with CRLF line terminators	A963DCE9D20BC8785086A0C9DA41E696	8C460E5CFB0A2936A36E6D60C6EE936C4A2D9BF9	B4B85E4C92787CB96CEF904B2561A8241848A152A6C3F562BC5F7A5F18FCA105
Chrome Cache Entry: 61	TrueType Font data, 18 tables, 1st "FFTM"	C7F6FE24D3EDC0DD6F26BFFA84329FFC	B7D00FDD3C7A5BBA1B5A5F2F73FF4709BF7F4ADE	E26C5E7DB4BD9DE04B185007CBD425ACCE282573F6EADC07028DF6CE315008EC
Chrome Cache Entry: 62	SVG Scalable Vector Graphics image	46D7676320EC3A3CD4685D8010792BC8	60F33618D55F6AF53F1281990A4570BB7CA4BD27	C105B2FEF80A493A634169507E58968440CA4D74B267E8A0F3A0E31828F44950
Chrome Cache Entry: 63	ASCII text, with very long lines (65536), with no line terminators	3E8A731179AFF85E3A86144D9D86203E	14F19FAC26E5C1BDCB8359B09B977817A55C5978	B61039D24FADB6002FF4373F9FE3C23FBCA29ADA827B533FEB81DE1B2DFEFF40
Chrome Cache Entry: 64	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 65	ASCII text, with very long lines (65536), with no line terminators	6FA86073559FBA25BCA9845CF9108A77	0DD4893F0A58CF31F3D0C615A2F330893F6B73E3	555D1EC5E214C237A60B9E415998F91740509751B92F20991A2035D4BEFF7BB6
Chrome Cache Entry: 66	TrueType Font data, 18 tables, 1st "FFTM"	701535D2598113FA53D15B0FB3BE7644	615B39E3164E0E04BE5A6322BE27112380A35938	131F5C83E6781907D35AAB84E6BD53A2E638CDE33C54AC4ED764F1171F81BE6B
Chrome Cache Entry: 67	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 68	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 69	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187
Chrome Cache Entry: 70	SVG Scalable Vector Graphics image	FDCD71BA1A80DB48089A2674903F0634	2ACA3182CEA149C92424BAD39F1F2E7278DFBB00	988FDB5C83C68E79B83FEB2DF8FE1C479E81AD461C748A62B07F9CF978CBD884
Chrome Cache Entry: 71	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	CAAD8401E706C21CC33CBF4A9186664D	22802B9791AF3DDC03E49AB5F57550BF0F054EC4	096DC4277E5D70BB889E8CE7383CC828F3A18BF4E20CAD7107CAC23F0A5CD710
Chrome Cache Entry: 72	HTML document, ASCII text	A943672A32297727BAB01C3E76977550	3A667C4B7A457EF6C586CC581D533C128737BF53	B9347F234DC3C8D56E015E86D88A1400415DB8F7A5AD91F02B6A2323C10A4187

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://768867125.com

Avira URL Cloud: detection malicious, Label: phishing

Antivirus detection for URL or domain

Source: https://768867125.com/content/core/scripts/akbankdirekt-browserdetect-plugins.min.js?v=1.0.34	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/akbankdirekt-core.min.js?v=1.1.11	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/back.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/close.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/Language/Language?culture=tr-TR&forced=&version=	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/akbankdirekt-parts.js?v=1.0.12	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/login-refresh-captcha.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icons/login-refresh-captcha.svg	Avira URL Cloud: Label: phishing
Source: http://768867125.com/	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/loan-g.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/icheck/js/icheck.min.js	Avira URL Cloud: Label: phishing
Source: https://768867125.com/app/main-built.js?version=	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/loan-g.svg	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/dt-w.svg	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/application/images/icon-set/dt-w.png	Avira URL Cloud: Label: phishing
Source: https://768867125.com/content/core/scripts/akbankdirekt-core-plugins.min.js?v=1.0.34	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://768867125.com

HTML body contains low number of good links

Source: https://768867125.com/

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://768867125.com/

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML title does not match URL

Source: https://768867125.com/

HTTP Parser: Title: Akbank Mobil - Hoakaln! does not match URL

Source: https://768867125.com/

HTTP Parser: <input type="password" .../> found

Source: https://768867125.com/

HTTP Parser: No favicon

Source: https://768867125.com/

HTTP Parser: No <meta name="author".. found

Source: https://768867125.com/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.97.153
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 768867125.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-browserdetect-plugins.min.js?v=1.0.34 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/styles/akbankdirekt-core.min.css?v=1.1.11 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/styles/akbankdirekt-core-plugins.min.css?v=1.0.34 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/styles/dist/css/application-styles-mobile.min.css?1.0.11 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12 HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/icheck/css/skins/square/custom.css HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/icheck/css/skins/square/grey.css HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/dt-w.svg HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-core.min.js?v=1.1.11 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-core-plugins.min.js?v=1.0.34 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/akbankdirekt-parts.js?v=1.0.12 HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Language/Language?culture=tr-TR&forced=&version= HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /content/core/scripts/icheck/js/icheck.min.js HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/main-built.js?version= HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/login-refresh-captcha.svg HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/loan-g.svg HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/back.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/close.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/sprite-icons/sprite-icons-46d76763.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mobilsube.akbank.com.tr/content/application/styles/dist/css/application-styles-mobile.min.css?1.0.11Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/standart_logo.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/dt-w.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/login-refresh-captcha.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icon-set/loan-g.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/back.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/close.png HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/standart_logo.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Regular/OpenSans-Regular.woff HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Semibold/OpenSans-Semibold.woff HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Light/OpenSans-Light.woff HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/application/images/icons/sprite-icons/sprite-icons-46d76763.svg HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Regular/OpenSans-Regular.ttf HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Semibold/OpenSans-Semibold.ttf HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /content/core/fonts/OpenSans/Light/OpenSans-Light.ttf HTTP/1.1Host: mobilsube.akbank.com.trConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://768867125.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 768867125.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://768867125.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 768867125.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: 768867125.com
Source: global traffic	DNS traffic detected: DNS query: mobilsube.akbank.com.tr
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:28 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:31 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:32 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:33 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 05 Jul 2024 09:11:36 GMTContent-Type: text/htmlContent-Length: 808Connection: closeLast-Modified: Mon, 01 Jul 2024 18:18:57 GMTETag: "328-61c33a16a49e2"Accept-Ranges: bytes

Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/application/images/standart_logo.svg
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/application/styles/dist/css/application-styles-mobile.min.cs
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/scripts/icheck/css/skins/square/custom.css
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/scripts/icheck/css/skins/square/grey.css
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-core-plugins.min.css?v=1.0.34
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-core.min.css?v=1.1.11
Source: chromecache_52.2.dr	String found in binary or memory: https://mobilsube.akbank.com.tr/content/core/styles/akbankdirekt-parts.mobile.min.css?v=1.0.12

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.97.153:443 -> 192.168.2.4:49754 version: TLS 1.2

Source: classification engine

Classification label: mal64.phis.win@17/52@10/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 --field-trial-handle=2412,i,8585168285471206829,16212310513850043636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://768867125.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 --field-trial-handle=2412,i,8585168285471206829,16212310513850043636,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1468115
Product:	CloudBasic
Start time:	11:10:32
Start date:	05.07.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://768867125.com

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://768867125.com

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://768867125.com