![](/screenshots/a6835af7-1060-4143-88a5-72c82ec4f662.png)
precious-ziraat1-7b9148.netlify.app
2a05:d014:58f:6201::64
Malicious Activity!
Public Scan
Submission: On March 29 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1 on January 15th 2024. Valid for: a year.
This is the only time precious-ziraat1-7b9148.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Ziraat Bank (Banking)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 7 | 2a05:d014:58f:6201::64 | 16509 (AMAZON-02) |
| 1 | 2a00:1450:4001:80e::200a | 15169 (GOOGLE) |
| 10 | 194.24.224.11 | 31471 (FINTEK-AS) |
| 1 | 2a00:1450:4001:81c::200a | 15169 (GOOGLE) |
| 1 | 52.217.233.169 | 16509 (AMAZON-02) |
| 1 | 104.26.12.205 | 13335 (CLOUDFLARENET) |
| 1 | 34.117.186.192 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 29 | 8 | |
- ASN16509 (AMAZON-02, US): precious-ziraat1-7b9148.netlify.app
- ASN16509 (AMAZON-02, US), PTR: s3-1-w.amazonaws.com: gilroy-web-fonts.s3.amazonaws.com
- ASN396982 (GOOGLE-CLOUD-PLATFORM, US), PTR: 192.186.117.34.bc.googleusercontent.com: ipinfo.io
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 10 | ziraatbank.com.tr | bireysel.ziraatbank.com.tr (Cisco Umbrella Rank: 930355) | 356 KB |
| 7 | netlify.app | precious-ziraat1-7b9148.netlify.app | 26 KB |
| 2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 357), fonts.googleapis.com (Cisco Umbrella Rank: 35) | 32 KB |
| 1 | ipinfo.io | ipinfo.io (Cisco Umbrella Rank: 7620) | 604 B |
| 1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2777) | 156 B |
| 1 | amazonaws.com | gilroy-web-fonts.s3.amazonaws.com | 9 KB |
| 29 | 6 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 10 | bireysel.ziraatbank.com.tr | precious-ziraat1-7b9148.netlify.app, bireysel.ziraatbank.com.tr |
| 7 | precious-ziraat1-7b9148.netlify.app | precious-ziraat1-7b9148.netlify.app |
| 1 | ipinfo.io | ajax.googleapis.com |
| 1 | api.ipify.org | ajax.googleapis.com |
| 1 | gilroy-web-fonts.s3.amazonaws.com | precious-ziraat1-7b9148.netlify.app |
| 1 | fonts.googleapis.com | precious-ziraat1-7b9148.netlify.app |
| 1 | ajax.googleapis.com | precious-ziraat1-7b9148.netlify.app |
| 29 | 7 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.netlify.app | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-01-15 - 2025-02-14 | a year | crt.sh |
| upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months | crt.sh |
| bireysel.ziraatbank.com.tr | GeoTrust TLS RSA CA G1 | 2024-02-09 - 2025-03-06 | a year | crt.sh |
| *.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months | crt.sh |
| ipify.org | GTS CA 1P5 | 2024-03-21 - 2024-06-19 | 3 months | crt.sh |
| ipinfo.io | R3 | 2024-03-05 - 2024-06-03 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://precious-ziraat1-7b9148.netlify.app/
Frame ID: A23B74D494A4DB97C18B203CE326D6C8
Requests: 29 HTTP requests in this frame
Page Title
Hoş Geldiniz | Ziraat Bankası İnternet Bankacılığı
Detected technologies
Microsoft ASP.NET
Detected patterns
- <input[^>]+name="__VIEWSTATE
Detected patterns
- ^https?://[^/]+\.netlify\.(?:com|app)/
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | precious-ziraat1-7b9148.netlify.app/ | 53 KB | 9 KB | Document | text/html |
| GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript |
| GET | H/1.1 | plugins.min.css | bireysel.ziraatbank.com.tr/Content/assets/bundle/css/ | 340 KB | 83 KB | Stylesheet | text/css |
| GET | H/1.1 | sub.min.css | bireysel.ziraatbank.com.tr/Content/assets/bundle/css/ | 418 KB | 94 KB | Stylesheet | text/css |
| GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css |
| GET | H/1.1 | gilroy.css | gilroy-web-fonts.s3.amazonaws.com/web-fonts/ | 9 KB | 9 KB | Stylesheet | text/css |
| GET | H2 | logo.png | precious-ziraat1-7b9148.netlify.app/Content/assets/img/ | 6 KB | 6 KB | Image | image/png |
| GET | H2 | contact.png | precious-ziraat1-7b9148.netlify.app/Content/assets/img/ | 5 KB | 5 KB | Image | image/png |
| GET | H2 | lcon1.png | precious-ziraat1-7b9148.netlify.app/Content/assets/img/ | 1 KB | 1 KB | Image | image/png |
| GET | H/1.1 | phone.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 8 KB | 9 KB | Image | image/png |
| GET | H/1.1 | phone.png | bireysel.ziraatbank.com.tr/Content/assets/img/login/ | 10 KB | 10 KB | Image | image/png |
| GET | H2 | icon2.png | precious-ziraat1-7b9148.netlify.app/Content/assets/img/ | 2 KB | 2 KB | Image | image/png |
| GET | H2 | icon3.png | precious-ziraat1-7b9148.netlify.app/Content/assets/img/ | 1 KB | 1 KB | Image | image/png |
| GET | H/1.1 | comodo-logo.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 6 KB | 7 KB | Image | image/png |
| GET | H2 | telegram.js | precious-ziraat1-7b9148.netlify.app/ | 3 KB | 781 B | Script | application/javascript |
| GET | H2 | / | api.ipify.org/ | 23 B | 156 B | XHR | application/json |
| GET | H2 | / | ipinfo.io/ | 302 B | 604 B | XHR | application/json |
| GET | H/1.1 | phone.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 8 KB | 9 KB | Image | image/png |
| GET | H/1.1 | phone.png | bireysel.ziraatbank.com.tr/Content/assets/img/login/ | 10 KB | 10 KB | Image | image/png |
| GET | H/1.1 | comodo-logo.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 6 KB | 7 KB | Image | image/png |
| GET | H/1.1 | login-bg.jpg | bireysel.ziraatbank.com.tr/Content/assets/img/ | 104 KB | 105 KB | Image | image/jpeg |
| GET | | BB78E1BCF28E9E4CC.woff2 | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | | |
| GET | | D40DF048D299CA4DD.woff2 | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | | |
| GET | | icomoon.woff2 | bireysel.ziraatbank.com.tr/Content/assets/css/fonts/ | 0 | 0 | | |
| GET | | D40DF048D299CA4DD.woff | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | | |
| GET | | BB78E1BCF28E9E4CC.woff | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | | |
| GET | | icomoon.ttf | bireysel.ziraatbank.com.tr/Content/assets/css/fonts/ | 0 | 0 | | |
| GET | | icomoon.woff | bireysel.ziraatbank.com.tr/Content/assets/css/fonts/ | 0 | 0 | | |
| GET | H/1.1 | touch_icon.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 24 KB | 25 KB | Other | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/fonts/icomoon.woff2?ijwtvo
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/fonts/icomoon.ttf?z5vjsl
- bireysel.ziraatbank.com.tr: https://bireysel.ziraatbank.com.tr/Content/assets/css/fonts/icomoon.woff?z5vjsl
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Ziraat Bank (Banking)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Name | Type |
|---|---|
| onpagereveal | object |
| $ | function |
| jQuery | function |
| selectInput1 | function |
| avanzar | function |
| a | object |
| selectInput | function |
| progressBar | object |
| textElement | object |
| duration | number |
| start | number |
| end | number |
| updateProgress | function |
| formatTime | function |
| telegram_bot_id | string |
| chat_id | number |
| USER | undefined |
| PASS | undefined |
| ip | undefined |
| ip2 | undefined |
| message | undefined |
| ready | function |
| sender | function |
| ready1 | function |
| sender1 | function |
| ready2 | function |
| sender2 | function |
0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head over to this page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.ipify.org
bireysel.ziraatbank.com.tr
fonts.googleapis.com
gilroy-web-fonts.s3.amazonaws.com
ipinfo.io
precious-ziraat1-7b9148.netlify.app
bireysel.ziraatbank.com.tr
104.26.12.205
194.24.224.11
2a00:1450:4001:80e::200a
2a00:1450:4001:81c::200a
2a05:d014:58f:6201::64
34.117.186.192
52.217.233.169
1037e75cf4fa6bfa12e2a8307c7c5bfc8cea6f860d0ddfdd6f340b094610a6b6
188686f18ed750302d74ffea2d582c30bc41f04ddde025fbdebc16d35dfb2ed4
32bdd8cde15120975e0c1e29107762880230b2ec7439f1be7bf0e4ce24609d4a
3a9e7be4781b09ad4576d2278da23d5a209ff50e56b76d95926cbf20ed3542b1
3f57f2ca6d11bb33c055ec016ce0b3c7816097de2bdbdca444b11f0ba90bf166
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
6f83433ca65fe812c686456ddb4f3efd00c788c95118843e1aa25dd5e5c057ea
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89
a9c6f6486c295cfe443d5899ea3597faccb1034224d05302e741832c8ab997d0
afc4ca32c267c57c78a7d82126d3b981f6ad8d9419c8a9426381bc144a0d1bb2
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82
cd37a7d3013a75f2617a9db3d3497220f2ac3039fd878f13a115bf3bd32a7bc4
dfea16b665deb7aa10afa458f173b3f28f3710de479a74a346b25af7a2a5bbbd
e27f2094fbe9820c1cf3e22ff27d65fdf67f36535008ae78efd2e128e6b6305e
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077
f228405a9c61f206d0f11d4ba466d7d6efee542033d31329c2fcebf4035d3bfa
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa800b11d61e5c6fc3b2a9bd3e2a42d2358c57828f938839f22e326653d3013a