www.sorgulamzamanzamansorguakbank.net Open in urlscan Pro
92.204.219.243 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sorgulamzamanzamansorguakbank.net/
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2023, 5:34:36 pm UTC) — Scanned from FR

Summary HTTP 21 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 92.204.219.243, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is www.sorgulamzamanzamansorguakbank.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 31st 2023. Valid for: 3 months.

This is the only time www.sorgulamzamanzamansorguakbank.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Vakifbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6	92.204.219.243 92.204.219.243	21499 (GODADDY-SXB) (GODADDY-SXB)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
5 10	195.142.244.120 195.142.244.120	39095 (VAKIFBANK-AS) (VAKIFBANK-AS)
21	4

6 92.204.219.243 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: 243.219.204.92.host.secureserver.net

www.sorgulamzamanzamansorguakbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 195.142.244.120 (Izmir, Turkey) 5 redirects

ASN39095 (VAKIFBANK-AS, TR)

subesiz.vakifbank.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	vakifbank.com.tr subesiz.vakifbank.com.tr — Cisco Umbrella Rank: 787209 Failed	38 KB
6	sorgulamzamanzamansorguakbank.net www.sorgulamzamanzamansorguakbank.net	263 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	32 KB
21	3

	Domain	Requested by
10	subesiz.vakifbank.com.tr	www.sorgulamzamanzamansorguakbank.net
6	www.sorgulamzamanzamansorguakbank.net	www.sorgulamzamanzamansorguakbank.net
1	code.jquery.com	www.sorgulamzamanzamansorguakbank.net
21	3

This site contains links to these domains. Also see Links.

Domain
subesiz.vakifbank.com.tr
www.vakifbank.com.tr
play.google.com
apps.apple.com
appgallery.huawei.com

Subject Issuer	Validity	Valid
sorgulamzamanzamansorguakbank.net cPanel, Inc. Certification Authority	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.sorgulamzamanzamansorguakbank.net/
Frame ID: ACCFF6FDD7658F594BB5FE4963C25D55
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VakıfBank İnternet Bankacılığı

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

33 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

329 kB
Transfer

1490 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://subesiz.vakifbank.com.tr/bireysel/tr/

Search URL Search Domain Scan URL

URL: https://www.vakifbank.com.tr/islem-listesi.aspx?pageID=359
Title: İşlem Listesi

Search URL Search Domain Scan URL

URL: https://www.vakifbank.com.tr/Default.aspx?pageID=608
Title: İletişim

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.vakifbank.mobile

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/apple-store/id853569450

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C101733569

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/icons/keyboard.svg HTTP 302
https://subesiz.vakifbank.com.tr/bireysel/assets/img/icons/keyboard.svg

Request Chain 8

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/sample/icon-shield.png HTTP 302
https://subesiz.vakifbank.com.tr/bireysel/assets/img/sample/icon-shield.png

Request Chain 9

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/logos/google-play.jpg HTTP 302
https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/google-play.jpg

Request Chain 10

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/logos/app-store.jpg HTTP 302
https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/app-store.jpg

Request Chain 11

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/logos/huawei-download.svg HTTP 302
https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/huawei-download.svg

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.sorgulamzamanzamansorguakbank.net/ 25 KB
4 KB 127ms
48ms Document
text/html 92.204.219.243
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.204.219.243 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 243.219.204.92.host.secureserver.net
Software: Apache / PHP/5.6.40
Resource Hash: 24da42ecc665c81306271151759a1747c16cc562abc49dd90190eb9ab34b18e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: br
content-length: 4264
content-type: text/html; charset=UTF-8
date: Mon, 31 Jul 2023 17:34:30 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

GET
H2 200 styles.e3fabce2d65ed6870e44.css
www.sorgulamzamanzamansorguakbank.net/assets/ 1 MB
234 KB 97ms
96ms Stylesheet
text/css 92.204.219.243
GODADDY-SXB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sorgulamzamanzamansorguakbank.net/assets/styles.e3fabce2d65ed6870e44.css
Requested by: Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.204.219.243 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 243.219.204.92.host.secureserver.net
Software: Apache /
Resource Hash: 60bff234754e504b781a58d9c77453f9b4320086cde16eecf285db5ce677b8b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:34:30 GMT
content-encoding: br
last-modified: Wed, 28 Dec 2022 14:36:58 GMT
server: Apache
etag: "3bc0735-14358c-5f0e44cf6b680-br"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 66ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:34:30 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-169d5"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690824870.cdn4-pxy204-cdg02.pa1.evs,1690824870.cds235.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 32772

GET
H2 200 vakifbank-logo.svg
www.sorgulamzamanzamansorguakbank.net/assets/img/ 4 KB
2 KB 114ms
113ms Image
image/svg+xml 92.204.219.243
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sorgulamzamanzamansorguakbank.net/assets/img/vakifbank-logo.svg
Requested by: Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.204.219.243 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 243.219.204.92.host.secureserver.net
Software: Apache /
Resource Hash: 9d39d3cb5e7555520fb55b849bbdc8a3c525c519d3d4e2d1bccf3022c145de30

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:34:31 GMT
content-encoding: br
last-modified: Wed, 28 Dec 2022 01:52:00 GMT
server: Apache
etag: "3be2e55-ed2-5f0d99d3ad000-br"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1759

GET
H2 200 vakifbank-logo-white.svg
www.sorgulamzamanzamansorguakbank.net/assets/img/ 4 KB
2 KB 28ms
28ms Image
image/svg+xml 92.204.219.243
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sorgulamzamanzamansorguakbank.net/assets/img/vakifbank-logo-white.svg
Requested by: Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.204.219.243 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 243.219.204.92.host.secureserver.net
Software: Apache /
Resource Hash: f9b3eeb4e4348dde16556d18e4b8d9dee807fe41412550df5c7d6d3a6e91ebf6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:34:31 GMT
content-encoding: br
last-modified: Wed, 28 Dec 2022 01:52:00 GMT
server: Apache
etag: "3be2e54-ecf-5f0d99d3ad000-br"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1751

GET
H2 200 qr_entry_tr.svg
www.sorgulamzamanzamansorguakbank.net/assets/img/ 34 KB
11 KB 33ms
33ms Image
image/svg+xml 92.204.219.243
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sorgulamzamanzamansorguakbank.net/assets/img/qr_entry_tr.svg
Requested by: Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.204.219.243 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 243.219.204.92.host.secureserver.net
Software: Apache /
Resource Hash: 463991336704eac1867214666e23fe6ff459f9c050991e454a3d494b67d6a47a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:34:31 GMT
content-encoding: br
last-modified: Wed, 28 Dec 2022 01:52:00 GMT
server: Apache
etag: "3be2e4f-888a-5f0d99d3ad000-br"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 11320

GET
H2 200 secure-globalsign-ssl.png
www.sorgulamzamanzamansorguakbank.net/assets/img/ 9 KB
10 KB 27ms
27ms Image
image/png 92.204.219.243
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sorgulamzamanzamansorguakbank.net/assets/img/secure-globalsign-ssl.png
Requested by: Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.204.219.243 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS: 243.219.204.92.host.secureserver.net
Software: Apache /
Resource Hash: fedf4740b9ae487ac387afe5ac91b724a7a0c9fc05680b9f024ccc37ebb7772b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:34:31 GMT
last-modified: Wed, 28 Dec 2022 01:52:00 GMT
server: Apache
accept-ranges: bytes
etag: "3be2e50-25ff-5f0d99d3ad000"
content-length: 9727
content-type: image/png

GET Roboto-Regular.woff2
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET
H/1.1

200
OK

keyboard.svg
subesiz.vakifbank.com.tr/bireysel/assets/img/icons/
Redirect Chain

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/icons/keyboard.svg
https://subesiz.vakifbank.com.tr/bireysel/assets/img/icons/keyboard.svg

5 KB
6 KB

198ms
72ms

Image
image/svg+xml

195.142.244.120
VAKIFBANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subesiz.vakifbank.com.tr/bireysel/assets/img/icons/keyboard.svg

Requested by

Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/assets/styles.e3fabce2d65ed6870e44.css

Protocol

HTTP/1.1

Server

195.142.244.120 Izmir, Turkey, ASN39095 (VAKIFBANK-AS, TR),

Reverse DNS

Software

Resource Hash

1d98ff4e153149c0d4fd725fb9dd878e2de83ac30e52dbadbb3fdf1a0853fe93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 17:34:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Jun 2023 17:16:58 GMT
ETag: "36897edc1a9ed91:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4754
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://subesiz.vakifbank.com.tr/bireysel/assets/img/icons/keyboard.svg
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

icon-shield.png
subesiz.vakifbank.com.tr/bireysel/assets/img/sample/
Redirect Chain

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/sample/icon-shield.png
https://subesiz.vakifbank.com.tr/bireysel/assets/img/sample/icon-shield.png

5 KB
6 KB

179ms
63ms

Image
image/png

195.142.244.120
VAKIFBANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subesiz.vakifbank.com.tr/bireysel/assets/img/sample/icon-shield.png

Requested by

Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/assets/styles.e3fabce2d65ed6870e44.css

Protocol

HTTP/1.1

Server

195.142.244.120 Izmir, Turkey, ASN39095 (VAKIFBANK-AS, TR),

Reverse DNS

Software

Resource Hash

ecf0f6192658b9f4eb288b8353e2f84a4be9c3b2d8f0365f0539e7556558bf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 17:34:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Jun 2023 17:16:59 GMT
ETag: "5cfe93dc1a9ed91:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5186
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://subesiz.vakifbank.com.tr/bireysel/assets/img/sample/icon-shield.png
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

google-play.jpg
subesiz.vakifbank.com.tr/bireysel/assets/img/logos/
Redirect Chain

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/logos/google-play.jpg
https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/google-play.jpg

5 KB
6 KB

214ms
76ms

Image
image/jpeg

195.142.244.120
VAKIFBANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/google-play.jpg

Requested by

Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/assets/styles.e3fabce2d65ed6870e44.css

Protocol

HTTP/1.1

Server

195.142.244.120 Izmir, Turkey, ASN39095 (VAKIFBANK-AS, TR),

Reverse DNS

Software

Resource Hash

a137095fc3e621e7d32a0134fb1022348219e0a844740d83c816839d3253d8c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 17:34:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Jun 2023 17:16:59 GMT
ETag: "ca398fdc1a9ed91:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5087
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/google-play.jpg
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

app-store.jpg
subesiz.vakifbank.com.tr/bireysel/assets/img/logos/
Redirect Chain

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/logos/app-store.jpg
https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/app-store.jpg

5 KB
6 KB

201ms
74ms

Image
image/jpeg

195.142.244.120
VAKIFBANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/app-store.jpg

Requested by

Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/assets/styles.e3fabce2d65ed6870e44.css

Protocol

HTTP/1.1

Server

195.142.244.120 Izmir, Turkey, ASN39095 (VAKIFBANK-AS, TR),

Reverse DNS

Software

Resource Hash

0e8c81e455a1c214d6907ace3553cba24d23ef771246e3776568a5dd9166585a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 17:34:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Jun 2023 17:16:59 GMT
ETag: "ca398fdc1a9ed91:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 5208
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/app-store.jpg
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

huawei-download.svg
subesiz.vakifbank.com.tr/bireysel/assets/img/logos/
Redirect Chain

https://subesiz.vakifbank.com.tr/bireysel/tr/assets/img/logos/huawei-download.svg
https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/huawei-download.svg

10 KB
11 KB

183ms
67ms

Image
image/svg+xml

195.142.244.120
VAKIFBANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/huawei-download.svg

Requested by

Host: www.sorgulamzamanzamansorguakbank.net
URL: https://www.sorgulamzamanzamansorguakbank.net/assets/styles.e3fabce2d65ed6870e44.css

Protocol

HTTP/1.1

Server

195.142.244.120 Izmir, Turkey, ASN39095 (VAKIFBANK-AS, TR),

Reverse DNS

Software

Resource Hash

9bae576b1979b9b74690a3d96c47a0f9074ba9c364cde2777d1902c8fc142cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.sorgulamzamanzamansorguakbank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 17:34:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Tue, 13 Jun 2023 17:16:59 GMT
ETag: "ca398fdc1a9ed91:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 10417
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://subesiz.vakifbank.com.tr/bireysel/assets/img/logos/huawei-download.svg
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET Roboto-Bold.woff2
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Black.woff2
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Regular.woff
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Bold.woff
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Black.woff
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Regular.ttf
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Bold.ttf
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

GET Roboto-Black.ttf
subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.woff2

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.woff2

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.woff2

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.woff

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.woff

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.woff

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.ttf

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.ttf

Domain: subesiz.vakifbank.com.tr
URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vakifbank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.woff2' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.woff2' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.woff2' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.woff' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.woff' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.woff' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.ttf' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.ttf' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.sorgulamzamanzamansorguakbank.net/ Message: Access to font at 'https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.ttf' from origin 'https://www.sorgulamzamanzamansorguakbank.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subesiz.vakifbank.com.tr/bireysel/tr/assets/fonts/Roboto/Roboto-Black.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
subesiz.vakifbank.com.tr
www.sorgulamzamanzamansorguakbank.net
subesiz.vakifbank.com.tr
195.142.244.120
2001:4de0:ac18::1:a:3a
92.204.219.243
0e8c81e455a1c214d6907ace3553cba24d23ef771246e3776568a5dd9166585a
1d98ff4e153149c0d4fd725fb9dd878e2de83ac30e52dbadbb3fdf1a0853fe93
24da42ecc665c81306271151759a1747c16cc562abc49dd90190eb9ab34b18e1
463991336704eac1867214666e23fe6ff459f9c050991e454a3d494b67d6a47a
60bff234754e504b781a58d9c77453f9b4320086cde16eecf285db5ce677b8b9
9bae576b1979b9b74690a3d96c47a0f9074ba9c364cde2777d1902c8fc142cee
9d39d3cb5e7555520fb55b849bbdc8a3c525c519d3d4e2d1bccf3022c145de30
a137095fc3e621e7d32a0134fb1022348219e0a844740d83c816839d3253d8c1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
ecf0f6192658b9f4eb288b8353e2f84a4be9c3b2d8f0365f0539e7556558bf2b
f9b3eeb4e4348dde16556d18e4b8d9dee807fe41412550df5c7d6d3a6e91ebf6
fedf4740b9ae487ac387afe5ac91b724a7a0c9fc05680b9f024ccc37ebb7772b

www.sorgulamzamanzamansorguakbank.net Open in urlscan Pro 92.204.219.243 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

33 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

329 kBTransfer

1490 kBSize

0 Cookies

6 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

18 Console Messages

Indicators

www.sorgulamzamanzamansorguakbank.net Open in urlscan Pro
92.204.219.243 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

33 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

329 kB
Transfer

1490 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!