internet-ziraat155yil.com
2606:4700:30::681f:58f6  Malicious Activity! Public Scan

Submitted URL: http://internet-ziraat155yil.com/
Effective URL: https://internet-ziraat155yil.com/
Submission: On September 25 via manual from TR

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:30::681f:58f6, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is internet-ziraat155yil.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 25th 2019. Valid for: a year.
This is the only time internet-ziraat155yil.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:30:... 13335 (CLOUDFLAR...)
1 194.24.224.10 31471 (FINTEK-AS)
2 194.24.224.11 31471 (FINTEK-AS)
18 3
Domain Requested by
16 internet-ziraat155yil.com 1 redirects internet-ziraat155yil.com
2 bireysel.ziraatbank.com.tr internet-ziraat155yil.com
1 www.ziraatbank.com.tr internet-ziraat155yil.com
18 3

This site contains no links.

Subject: sni.cloudflaressl.com
Issuer: CloudFlare Inc ECC CA-2
Validity: 2019-09-25 - 2020-09-24
Valid: a year

Subject: www.ziraatbank.com.tr
Issuer: COMODO RSA Extended Validation Secure Server CA
Validity: 2019-08-29 - 2019-12-22
Valid: 4 months

Subject: bireysel.ziraatbank.com.tr
Issuer: COMODO RSA Extended Validation Secure Server CA
Validity: 2019-03-19 - 2021-04-17
Valid: 2 years

This page contains 1 frame:

Primary Page: https://internet-ziraat155yil.com/
Frame ID: 7EEE9478E85930A319DEB3DC93311F85
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

818 kB
Transfer

2364 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://internet-ziraat155yil.com/ HTTP 301
    https://internet-ziraat155yil.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
internet-ziraat155yil.com/
Redirect Chain
  • http://internet-ziraat155yil.com/
  • https://internet-ziraat155yil.com/
72 KB
10 KB
Document
General
Full URL
https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86eebf1de8b6a3efaa53a68901f5759faa26dd6bef09348a240c5eac3ac262d5

Request headers

:method
GET
:authority
internet-ziraat155yil.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 25 Sep 2019 19:01:09 GMT
content-type
text/html
set-cookie
__cfduid=d0322057d5291f977800cdbcb81afc3871569438069; expires=Thu, 24-Sep-20 19:01:09 GMT; path=/; domain=.internet-ziraat155yil.com; HttpOnly; Secure
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51bf3ebf6c41cba8-VIE
content-encoding
br

Redirect headers

Date
Wed, 25 Sep 2019 19:01:09 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 25 Sep 2019 20:01:09 GMT
Location
https://internet-ziraat155yil.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
51bf3ebf0969cbc0-VIE
plugins.min.css
internet-ziraat155yil.com/
337 KB
48 KB
Stylesheet
General
Full URL
https://internet-ziraat155yil.com/plugins.min.css?v=0WnwC10Ui67Cf0vF6vDueNbrbYjKGUAdzIZoal3Akf81
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
116f09977a23e47faea50b3bceea60370867369142726324473a4fae987f768d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:36 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7ec-544de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec03f6ecba8-VIE
expires
Wed, 25 Sep 2019 23:01:09 GMT
sub.min.css
internet-ziraat155yil.com/
334 KB
45 KB
Stylesheet
General
Full URL
https://internet-ziraat155yil.com/sub.min.css?v=YkdRwyOjRSfCa83cc15JP573ES9rMXLzmOdKZ7Xao6c1
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
435ab6c29a2e6dd9ab0bbecc84b8850f187ed5875c76ec8a990b9912fd893769

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:38 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7ee-53680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec04f75cba8-VIE
expires
Wed, 25 Sep 2019 23:01:09 GMT
jquery.js
internet-ziraat155yil.com/
313 KB
100 KB
Script
General
Full URL
https://internet-ziraat155yil.com/jquery.js?v=VNuNukmpEeCUlsRELz3BBBsrVHOn6se6Z2jYD4PtEdQ1
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c36c5ea88d160d93887684b8598ea41b80dbd6cb286ddc0dc653273d6a6db63d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:28 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7e4-4e59b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec04f77cba8-VIE
expires
Wed, 25 Sep 2019 23:01:09 GMT
WebResource.axd
internet-ziraat155yil.com/
23 KB
4 KB
Script
General
Full URL
https://internet-ziraat155yil.com/WebResource.axd?d=SqZa8GYeN-voTRZ-GMsb11KKLzsM4GjYxTGAXg23ajVoLdblDojATKR_7aSBdwvGYc1HUN_gkQjb5mtE0&t=636765571264470882
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:09 GMT
content-encoding
br
last-modified
Sun, 28 Apr 2019 00:46:14 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7d6-5a17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
51bf3ec04f78cba8-VIE
WebResource.axd
internet-ziraat155yil.com/
23 KB
4 KB
Script
General
Full URL
https://internet-ziraat155yil.com/WebResource.axd?d=agHyoqmM5R2HZK0hGHfDVytXXsb63ddjF_nKao5XovSnHZhjS6or_fp52iypVd59PLxUB0lM_JvLk5XHaiBfD53SBAg1&t=636765571264470882
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:09 GMT
content-encoding
br
last-modified
Sun, 28 Apr 2019 00:46:14 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7d6-5a17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
51bf3ec04f7acba8-VIE
logo.png
www.ziraatbank.com.tr/SiteAssets/images/
5 KB
6 KB
Image
General
Full URL
https://www.ziraatbank.com.tr/SiteAssets/images/logo.png
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.24.224.10 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
www.ziraatbank.com
Software
/
Resource Hash
dc6750872782481c50484242a1e4d6dcfa856fae3d932154d384b476a0254638
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' *.yandex.ru *.google-analytics.com *.googleapis.com *.gstatic.com data:
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Sep 2019 12:18:19 GMT
Via
ZB
X-Content-Type-Options
nosniff
Age
196972
Xet-Cookie
Connection
Keep-Alive
request-id
bc03079f-4249-a059-3a81-dc59e552cba9
Content-Length
4823
X-XSS-Protection
1
X-MS-InvokeApp
1; RequireReadOnly
Referrer-Policy
same-origin
Last-Modified
Mon, 16 Apr 2018 08:33:10 GMT
SPRequestGuid
bc03079f-4249-a059-3a81-dc59e552cba9
ETag
"{26CC94B4-3597-4A38-BE4E-4AC754846DCE},6pub"
X-FRAME-OPTIONS
SAMEORIGIN
Strict-Transport-Security
max-age=86400; includeSubDomains
Content-Type
image/png
Cache-Control
max-age=691200 ,public
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' *.yandex.ru *.google-analytics.com *.googleapis.com *.gstatic.com data:
Accept-Ranges
bytes
phone.png
internet-ziraat155yil.com/Content/assets/img/
8 KB
8 KB
Image
General
Full URL
https://internet-ziraat155yil.com/Content/assets/img/phone.png
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:09 GMT
cf-cache-status
HIT
age
362
x-powered-by
PleskLin
status
200
content-length
8378
last-modified
Sun, 28 Apr 2019 00:47:12 GMT
server
cloudflare
etag
"5cc4f810-20ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51bf3ec0da4ccba8-VIE
expires
Wed, 25 Sep 2019 23:01:09 GMT
comodo-logo.png
bireysel.ziraatbank.com.tr/Content/assets/img/
6 KB
7 KB
Image
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/img/comodo-logo.png
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
zws /
Resource Hash
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 19:01:09 GMT
Via
ZB
X-Content-Type-Options
nosniff
Age
2
Xet-Cookie
Connection
Keep-Alive
Content-Length
6295
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 24 Jan 2019 06:00:00 GMT
Server
zws
ETag
"0e086aaab3d41:0"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
image/png
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Accept-Ranges
bytes
core.js
internet-ziraat155yil.com/
197 KB
51 KB
Script
General
Full URL
https://internet-ziraat155yil.com/core.js?v=3RTZjdVQ8sZtOkdCAZlBnRA-AirEWvAc944pQ_jFQNg1
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a0a639fdf0721b984810e84e1fc0f04074aec1a238f57bf414f08da9d6ae8e2e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:22 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7de-3123a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec1fdd7cba8-VIE
expires
Wed, 25 Sep 2019 23:01:10 GMT
dashboard.js
internet-ziraat155yil.com/
192 KB
60 KB
Script
General
Full URL
https://internet-ziraat155yil.com/dashboard.js?v=Hu57426f8KHuwyIA-SsO3YSF_XxFbdCEze6_8Xijv9E1
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ef7e2fabf6caa6ec8701b3ea91303cc54c6f0ee71da06efb9438459584dbef3b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:24 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7e0-2ffc2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec6d804cba8-VIE
expires
Wed, 25 Sep 2019 23:01:10 GMT
subpage.js
internet-ziraat155yil.com/
365 KB
95 KB
Script
General
Full URL
https://internet-ziraat155yil.com/subpage.js?v=sXB_2jj5iRmQyVGgF_FjVfKYHxnkUUjUkE8rMGsGwBg1
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
edccfca0d2ee83de54f6ff56e89e0abea757afbb694661d5fc12a1e509c759c6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:30 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7e6-5b3fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec7bb17cba8-VIE
expires
Wed, 25 Sep 2019 23:01:11 GMT
ui.min.js
internet-ziraat155yil.com/
148 KB
36 KB
Script
General
Full URL
https://internet-ziraat155yil.com/ui.min.js?v=MLqRrfruTx_HoPSCUH8q9I26HQi9cneClyK202kQKuI1
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5702015b70b3dc01e7955998af634f8a39a7da07afd72680df8b993fa9a94f9b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:46:32 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5cc4f7e8-24e04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec8ffd0cba8-VIE
expires
Wed, 25 Sep 2019 23:01:11 GMT
login-bg.jpg
internet-ziraat155yil.com/Content/assets/img/
104 KB
104 KB
Image
General
Full URL
https://internet-ziraat155yil.com/Content/assets/img/login-bg.jpg?v=20181004
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/sub.min.css?v=YkdRwyOjRSfCa83cc15JP573ES9rMXLzmOdKZ7Xao6c1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:11 GMT
cf-cache-status
MISS
last-modified
Sun, 28 Apr 2019 00:47:08 GMT
server
cloudflare
x-powered-by
PleskLin
etag
"5cc4f80c-1a0dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51bf3ec90ff9cba8-VIE
content-length
106717
expires
Wed, 25 Sep 2019 23:01:11 GMT
BB78E1BCF28E9E4CC.woff2
internet-ziraat155yil.com/Content/assets/css/webfonts/new/
13 KB
13 KB
Font
General
Full URL
https://internet-ziraat155yil.com/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f9071e4de731c949bee363cc182a5b88e61caa7cffbfd3ccf7321ca11327544

Request headers

Sec-Fetch-Mode
cors
Referer
https://internet-ziraat155yil.com/sub.min.css?v=YkdRwyOjRSfCa83cc15JP573ES9rMXLzmOdKZ7Xao6c1
Origin
https://internet-ziraat155yil.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 28 Apr 2019 00:46:50 GMT
server
cloudflare
age
362
x-powered-by
PleskLin
etag
W/"5cc4f7fa-349c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec92864cba8-VIE
expires
Wed, 25 Sep 2019 23:01:11 GMT
D40DF048D299CA4DD.woff2
internet-ziraat155yil.com/Content/assets/css/webfonts/new/
13 KB
13 KB
Font
General
Full URL
https://internet-ziraat155yil.com/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
87066901222869bbc18ab6d6620daa3aeac78dad94f88233f14ff68bae4cb472

Request headers

Sec-Fetch-Mode
cors
Referer
https://internet-ziraat155yil.com/sub.min.css?v=YkdRwyOjRSfCa83cc15JP573ES9rMXLzmOdKZ7Xao6c1
Origin
https://internet-ziraat155yil.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 28 Apr 2019 00:46:52 GMT
server
cloudflare
age
362
x-powered-by
PleskLin
etag
W/"5cc4f7fc-34a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain
status
200
cache-control
public, max-age=14400
cf-ray
51bf3ec9286fcba8-VIE
expires
Wed, 25 Sep 2019 23:01:11 GMT
video.min.js
bireysel.ziraatbank.com.tr/Content/assets/js/plugins/
204 KB
205 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/js/plugins/video.min.js
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/jquery.js?v=VNuNukmpEeCUlsRELz3BBBsrVHOn6se6Z2jYD4PtEdQ1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
zws /
Resource Hash
5464622544b173bc096c77df737277080b6c94bd331b9341a92a1b848bf21d53
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 18:58:57 GMT
Via
ZB
X-Content-Type-Options
nosniff
Age
135
Xet-Cookie
Connection
Keep-Alive
Content-Length
208953
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 08 Mar 2019 23:29:37 GMT
Server
zws
ETag
"777398cb6d6d41:0"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Accept-Ranges
bytes
phone.png
internet-ziraat155yil.com/Content/assets/img/
8 KB
8 KB
Image
General
Full URL
https://internet-ziraat155yil.com/Content/assets/img/phone.png
Requested by
Host: internet-ziraat155yil.com
URL: https://internet-ziraat155yil.com/jquery.js?v=VNuNukmpEeCUlsRELz3BBBsrVHOn6se6Z2jYD4PtEdQ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58f6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://internet-ziraat155yil.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 25 Sep 2019 19:01:12 GMT
cf-cache-status
HIT
age
365
x-powered-by
PleskLin
status
200
content-length
8378
last-modified
Sun, 28 Apr 2019 00:47:12 GMT
server
cloudflare
etag
"5cc4f810-20ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
51bf3ecfe9b9cba8-VIE
expires
Wed, 25 Sep 2019 23:01:12 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

443 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

$filterWrap object| $filterSection object| $Back object| $MobileBack object| $PageBack object| $filterText object| $filterSwipeTab object| $resultScreenFilter object| $filterBtnWrap object| $_stepItem object| $_targetBlankItem object| $_eligibleItem object| $_blockItem object| $_tabItem object| $_tabPanel object| $_searchKey object| $scrollBox object| $partialItem object| $el object| $tabItem object| $tabContainer object| $videoBody object| $videos object| $openVideosBtn object| $videoItem object| $playerModal object| $playerModalBody object| $playerModalFooterThumb object| $modalThumbs object| $modalThumbItem object| $banner boolean| modulesInitialized object| $element object| $tableBox object| $tableCheck object| $tableDropdown object| $tableText object| $getButtonData object| $tableModalRenderView object| $tableScroll object| $fixAccount object| $transfercurrencyType object| $transferBranch object| vttjs function| WebVTT function| videojs string| currentTabIndex string| storedTabIndex

1 Cookies

Domain/Path Name / Value
.internet-ziraat155yil.com/ Name: __cfduid
Value: d0322057d5291f977800cdbcb81afc3871569438069