urlscan.io logo urlscan.io
SecurityTrails logo

vakifbank-kazandiriyo.click Open in urlscan Pro
104.21.45.88  Public Scan

Go To Rescan Add Verdict Report
URL: https://vakifbank-kazandiriyo.click/
Submission: On October 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 104.21.45.88, located in United States and belongs to CLOUDFLARENET, US. The main domain is vakifbank-kazandiriyo.click.
TLS certificate: Issued by R3 on October 25th 2021. Valid for: 3 months.
This is the only time vakifbank-kazandiriyo.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.21.45.88 13335 (CLOUDFLAR...)
1 172.217.16.138 15169 (GOOGLE)
3 142.250.186.131 15169 (GOOGLE)
8 4
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
3 vakifbank-kazandiriyo.click vakifbank-kazandiriyo.click
1 fonts.googleapis.com vakifbank-kazandiriyo.click
0 take-your-prizes-here.life Failed vakifbank-kazandiriyo.click
8 4

This site contains no links.

Subject Issuer Validity Valid
*.vakifbank-kazandiriyo.click
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Frame: https://take-your-prizes-here.life/?u=pqhk60a&o=3awgwfu
Frame ID: 7CF377BD8F7FC22E9B5B8A7A1869DD40
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Instagram

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

62 kB
Transfer

91 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vakifbank-kazandiriyo.click/ 		36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vakifbank-kazandiriyo.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b272feb7a6caa285c0c74009a9f3c88a1037aafa9ae074332213e612d7b9d67c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
vakifbank-kazandiriyo.click
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 25 Oct 2021 19:07:57 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k72GBxZufuqQRDww6TR6AUgVmzxTUyC0D1HGbI1o3S9JNwcZKoaWj38E9evW55synGAEw7tM2%2F6K9TCB3Lt%2Fbvi8KF0QxkFj8JbG1%2Fmii%2Fe%2B%2BywtraAG%2FaiT4EuanOA1YxPpbb6Sk7k0KrnvTx8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a3dbb130890cd9f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&display=swap
Requested by
Host: vakifbank-kazandiriyo.click
URL: https://vakifbank-kazandiriyo.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
987a1e64929833a5eec95db2badabea568bd1ed323451cf07d076f7f4df16722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 17:51:48 GMT
server
ESF
date
Mon, 25 Oct 2021 19:07:57 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 19:07:57 GMT
lib.min.js
vakifbank-kazandiriyo.click/ 		984 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vakifbank-kazandiriyo.click/lib.min.js
Requested by
Host: vakifbank-kazandiriyo.click
URL: https://vakifbank-kazandiriyo.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd175be822b3b852ec9a9180bdbee3fbd5d7c2f54ed8c354da04e5e828ac9e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
no-cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
csf__ykp=JUUwJUI4JUE4JUUwJUI4JUI0JTIwJUUwJUI4JUE3JUUwJUI4JUI0JUUwJUI5JTg0JUUwJUI4JUE1JTIwJUUwJUI5JTgwJUUwJUI4JThCJTIwJUUwJUI4JThBJUUwJUI4JUIxJUUwJUI5JTg4JTIwJUUwJUI4JTk5
dpr
1
:path
/lib.min.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
vakifbank-kazandiriyo.click
referer
https://vakifbank-kazandiriyo.click/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://vakifbank-kazandiriyo.click/
DPR
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 19:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEwnwlA9zzgQM7sdV277a37PxpNKHXhsD8qbQ42VtYVeT7G1eLlXEJ6%2FJ2YGA0A1VhDxMOmy0gmVaRGjCgyeSvJSA5TwfEQFB9ijVNFNpv1OfhZOM%2Fo4yPkj2dL4xVSqdoa6ntf4QBBdh4kKFug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
private
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
6a3dbb13896acd9f-CDG
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vakifbank-kazandiriyo.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:16:28 GMT
x-content-type-options
nosniff
age
312689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 04:16:28 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vakifbank-kazandiriyo.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 11:16:53 GMT
x-content-type-options
nosniff
age
114664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16064
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 11:16:53 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vakifbank-kazandiriyo.click
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 11:16:30 GMT
x-content-type-options
nosniff
age
114687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 11:16:30 GMT
lib.min.js
vakifbank-kazandiriyo.click/ 		228 B
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vakifbank-kazandiriyo.click/lib.min.js?2605536512943268
Requested by
Host: vakifbank-kazandiriyo.click
URL: https://vakifbank-kazandiriyo.click/lib.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.45.88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://vakifbank-kazandiriyo.click
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
csf__ykp=JUUwJUI4JUE4JUUwJUI4JUI0JTIwJUUwJUI4JUE3JUUwJUI4JUI0JUUwJUI5JTg0JUUwJUI4JUE1JTIwJUUwJUI5JTgwJUUwJUI4JThCJTIwJUUwJUI4JThBJUUwJUI4JUIxJUUwJUI5JTg4JTIwJUUwJUI4JTk5
dpr
1
content-length
46
:path
/lib.min.js?2605536512943268
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
vakifbank-kazandiriyo.click
referer
https://vakifbank-kazandiriyo.click/
:scheme
https
sec-fetch-site
same-origin
:method
PUT
Referer
https://vakifbank-kazandiriyo.click/
DPR
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Oct 2021 19:07:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvUWlv9s6hv21tF3D3UkVBLrpNniH%2FUSQqo1uf0EX%2FQN%2BmRicnmRHObCnS1RZqzabuP2Judlj5nrXyoWXzvmGJhJrZ01ZGqdhcTdadRuVKTEgb7sNC3DWNcDEl5FSTBrGZMd%2FOCNctiv252nLtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
private
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
cf-ray
6a3dbb142b35085b-CDG
/
take-your-prizes-here.life/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
take-your-prizes-here.life
URL
https://take-your-prizes-here.life/?u=pqhk60a&o=3awgwfu

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
vakifbank-kazandiriyo.click/ Name: csf__ykp
Value: JUUwJUI4JUE4JUUwJUI4JUI0JTIwJUUwJUI4JUE3JUUwJUI4JUI0JUUwJUI5JTg0JUUwJUI4JUE1JTIwJUUwJUI5JTgwJUUwJUI4JThCJTIwJUUwJUI4JThBJUUwJUI4JUIxJUUwJUI5JTg4JTIwJUUwJUI4JTk5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block