![](/screenshots/61ce8ea6-d588-4d38-9ef1-1d6e3a7e68a6.png)
217.195.197.250
Open in
urlscan Pro
217.195.197.250
Malicious Activity!
Public Scan
Submission: On June 15 via api from TR — Scanned from DE
Summary
This is the only time 217.195.197.250 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Denizbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 21 | 217.195.197.250 217.195.197.250 | 201364 (ASTEKNOBOSS) (ASTEKNOBOSS) | |
19 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 | 0 |
Domain | Requested by | |
---|---|---|
19 | 0 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6GNmNLpkv_bENu0bITbwgiSEoUk28F728h5asMD1IPBiDHPm7gZ0_aem_eZXf6E-P8mtPcPrlPaY8tg
Frame ID: A356D118400423161BFA51E120F46F9D
Requests: 19 HTTP requests in this frame
Screenshot
![](/screenshots/61ce8ea6-d588-4d38-9ef1-1d6e3a7e68a6.png)
Page Title
DenizBank İnternet BankacılığıPage URL History Show full URLs
-
http://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6...
HTTP 307
https://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6... HTTP 303
https://217.195.197.250/login.php?success_redirect_url=%2Fplesk-site-preview%2Fcatarapatara.com%2Fht... HTTP 303
https://217.195.197.250/login_up.php?success_redirect_url=%2Fplesk-site-preview%2Fcatarapatara.com%2... HTTP 307
http://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6GNmNLpkv_bENu0bITbwgiSEoUk28F728h5asMD1IPBiDHPm7gZ0_aem_eZXf6E-P8mtPcPrlPaY8tg
HTTP 307
https://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6GNmNLpkv_bENu0bITbwgiSEoUk28F728h5asMD1IPBiDHPm7gZ0_aem_eZXf6E-P8mtPcPrlPaY8tg HTTP 303
https://217.195.197.250/login.php?success_redirect_url=%2Fplesk-site-preview%2Fcatarapatara.com%2Fhttps%2F217.195.197.250%2F%3Ffbclid%3DPAAaaYzUS6GNmNLpkv_bENu0bITbwgiSEoUk28F728h5asMD1IPBiDHPm7gZ0_aem_eZXf6E-P8mtPcPrlPaY8tg HTTP 303
https://217.195.197.250/login_up.php?success_redirect_url=%2Fplesk-site-preview%2Fcatarapatara.com%2Fhttps%2F217.195.197.250%2F%3Ffbclid%3DPAAaaYzUS6GNmNLpkv_bENu0bITbwgiSEoUk28F728h5asMD1IPBiDHPm7gZ0_aem_eZXf6E-P8mtPcPrlPaY8tg HTTP 307
http://217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/?fbclid=PAAaaYzUS6GNmNLpkv_bENu0bITbwgiSEoUk28F728h5asMD1IPBiDHPm7gZ0_aem_eZXf6E-P8mtPcPrlPaY8tg Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/ Redirect Chain
|
20 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/css/ |
662 KB 663 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
37 KB 37 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-light.svg
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
176 KB 177 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
world.svg
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qrPhoto.jpg
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
denizbank-mobile.jpg
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-footer-logo.svg
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
enbd.png
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/js/ |
426 KB 426 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spring.jpg
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
325 KB 326 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-semibold-webfont.1045337df148fc781940.woff2
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/fonts/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.2d5db81bd20c9209ae0b.ttf
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/fonts/ |
105 KB 106 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/fonts/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-bold-webfont.7b013a3110831768093f.woff2
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/fonts/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
datach.php
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/ |
0 250 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appicon.png
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
924 B 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/assets/img/ |
1 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
datach.php
217.195.197.250/plesk-site-preview/catarapatara.com/https/217.195.197.250/ |
0 250 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Denizbank (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence function| _0xf7e9 function| _0x4d18 function| $ function| jQuery function| gonder0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
217.195.197.250
1817d385ab183f0aa686fb0414447c488f7067167c21b23741c4942ec76bd6cf
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
3b37b765573575acb8649509a09d1a89185770313d2ff38bf24c98e093ded4f5
3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb
4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a
54e92ad9930ef375b8f4e1a1fe7fe5c86d43d7ad00a955c5df818e26489049b8
59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378
a085c2f1e7df8cdded779fa68b0ce2e0d31d3352ed8d8238cb540f35fa20cf0d
ab33eeb00fee8f89136d92dfec7811fa681c5be5114da721508418aae08e90c5
b582e5e36135cfe697ec9cfbb06ff7407a7d89a9e4a1287cfdd905cc3f9669e5
b7adb5ea78fcffa3c66186e90d237802f3d8d3fd21e77c7dcf33f952ed9bf73f
bc1c4c23954990d9cd6c3eb5b6bdfb71e21456c4582972374f240e29fa914637
be3979aa66ab98b74f4c323b1c194cba444de65913e489d5786e0c7fd8f310c0
ca8e907c10b418e455dee845fb08993fa1f8edb7a3f890f7a19a8011e472ee3d
cf33092752054c7e93201ebd484c7e47a194635120a46cc3786b4107195edf1e
d5b36f08a46e0a0ef81b828bb9d05df63f1f7391521d238b82c5c3ce31782b05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9d142415c55c049c8c9514263c4faed91f49a206e1985fef4915af2d819453