www.ganzibank.com Open in urlscan Pro
156.236.195.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ganzibank.com/
Submission: On January 19 via automatic, source certstream-suspicious (January 19th 2019, 8:04:42 pm UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 156.236.195.135, located in United States and belongs to ROOTNETWORKS - Root Networks, LLC, US. The main domain is www.ganzibank.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 24th 2018. Valid for: 3 months.

This is the only time www.ganzibank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	156.236.195.135 156.236.195.135	32708 (ROOTNETWORKS) (ROOTNETWORKS - Root Networks)
1 2	2606:4700:30:... 2606:4700:30::681c:e5e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	3

8 156.236.195.135 (United States)

ASN32708 (ROOTNETWORKS - Root Networks, LLC, US)

www.ganzibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:e5e (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.cn365c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ganzibank.com www.ganzibank.com	45 KB
2	cn365c.com 1 redirects www.cn365c.com	322 B
10	2

	Domain	Requested by
8	www.ganzibank.com	www.ganzibank.com
2	www.cn365c.com	1 redirects www.ganzibank.com
10	2

This site contains no links.

Subject Issuer	Validity	Valid
www.ganzibank.com Let's Encrypt Authority X3	`2018-11-24` - `2019-02-22`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-28` - `2019-10-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.ganzibank.com/
Frame ID: 3FA1FDD68449DA7DC0D0BC91FB5C4DCB
Requests: 9 HTTP requests in this frame

Frame: https://www.cn365c.com/cn/register
Frame ID: 891AFEB70807D4289265EB0F3E039F55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

10
Requests

90 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

45 kB
Transfer

126 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.cn365c.com/ HTTP 302
https://www.cn365c.com/cn/register

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.ganzibank.com/	20 KB 8 KB	732ms 274ms	Document text/html	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `e544cdd24e268bcdbbbe7fb1b8b8cca17f73c17d7ea4aa3f9704bd06bc27b35a` Request headers Host www.ganzibank.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Content-Type text/html Content-Encoding gzip Last-Modified Sat, 19 Jan 2019 14:59:54 GMT Accept-Ranges bytes ETag "927f2ea37b0d41:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Sat, 19 Jan 2019 20:04:04 GMT Content-Length 7466
GET H/1.1	200 OK	style.css www.ganzibank.com/templets/default/style/css/	37 KB 11 KB	158ms 157ms	Stylesheet text/css	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/templets/default/style/css/style.css Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `842d062c077bcd029a8c46c633813cc8f208e2fee89350433c14b3af36953baa` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:04 GMT Content-Encoding gzip Last-Modified Wed, 21 Nov 2018 12:04:30 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "01b725b9281d41:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 10762
GET H/1.1	200 OK	media.css www.ganzibank.com/templets/default/style/css/	6 KB 2 KB	322ms 163ms	Stylesheet text/css	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/templets/default/style/css/media.css Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `e5f5e77889b161ecb0e61e2fb59c4e239ea564e80bf3a73978eae217e52a5546` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:05 GMT Content-Encoding gzip Last-Modified Mon, 15 Sep 2014 03:31:52 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0c4d9795d0cf1:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 1256
GET H/1.1	200 OK	m.js Show response www.ganzibank.com/templets/default/style/js/	30 KB 12 KB	468ms 146ms	Script application/javascript	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/templets/default/style/js/m.js Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `842b57b44b21ebb7c31263ea21cdf2949e2939576ae6d704b961b5a69288e24a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:05 GMT Content-Encoding gzip Last-Modified Mon, 15 Sep 2014 03:31:52 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0c4d9795d0cf1:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 12009
GET H/1.1	200 OK	logo20120121.png www.ganzibank.com/templets/default/style/	3 KB 4 KB	146ms 145ms	Image image/png	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Show image Full URL https://www.ganzibank.com/templets/default/style/logo20120121.png Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `9b12b72876e08231de396c9af6959e244a8e1a9b16b75df0f8eb162ae09aa794` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:05 GMT Last-Modified Wed, 21 Nov 2018 12:07:08 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0fe9eb99281d41:0" Content-Type image/png Accept-Ranges bytes Content-Length 3566
GET H/1.1	200 OK	9vzq8s.js Show response www.ganzibank.com/81763/03677/89781/	933 B 928 B	147ms 147ms	Script application/javascript	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/81763/03677/89781/9vzq8s.js Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `bb893c13988f353bab9081347411cd35c8ad680c0c811d32256c94a873c93a95` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:05 GMT Content-Encoding gzip Last-Modified Fri, 07 Dec 2018 13:26:40 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "e69cd7c308ed41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 622
GET H/1.1	200 OK	common.js Show response www.ganzibank.com/templets/default/style/js/	25 KB 7 KB	295ms 295ms	Script application/javascript	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/templets/default/style/js/common.js Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `c62e348583c272f11d92dec42f0ada41f0a81751e1e617c671711bdaf13c5bee` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:05 GMT Content-Encoding gzip Last-Modified Mon, 15 Sep 2014 03:31:52 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0c4d9795d0cf1:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 7168
GET H/1.1	200 OK	r0l12f.js Show response www.ganzibank.com/81763/03677/89781/	4 KB 2 KB	147ms 147ms	Script application/javascript	156.236.195.135 Root Networks
General Check archive.org Show headers Download Go to Full URL https://www.ganzibank.com/81763/03677/89781/r0l12f.js Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 156.236.195.135 , United States, ASN32708 (ROOTNETWORKS - Root Networks, LLC, US), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `48fd67f7a74390e2b9e5eff56af9d03f16a978f4d33e44faa8ccb4004fab71e8` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.ganzibank.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.ganzibank.com/ Connection keep-alive Cache-Control no-cache Referer https://www.ganzibank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sat, 19 Jan 2019 20:04:05 GMT Content-Encoding gzip Last-Modified Fri, 07 Dec 2018 13:26:40 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "068907c308ed41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 1295
GET		top_arrow.png www.ganzibank.com/templets/default/style/img/	0 0

GET H2	200	register www.cn365c.com/cn/ Frame 891A Redirect Chain https://www.cn365c.com/ https://www.cn365c.com/cn/register	0 0	401ms 401ms	Document text/html	2606:4700:30::681c:e5e Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.cn365c.com/cn/register Requested by Host: www.ganzibank.com URL: https://www.ganzibank.com/81763/03677/89781/r0l12f.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:e5e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.26 Resource Hash Request headers :method GET :authority www.cn365c.com :scheme https :path /cn/register pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 referer https://www.ganzibank.com/ accept-encoding gzip, deflate, br cookie __cfduid=d3a744b6d45c5e13f085964dccb8b6f2f1547928248; web=41cjfmu8demn2f1qljbjkrt397 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.ganzibank.com/ Response headers status 200 date Sat, 19 Jan 2019 20:04:10 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/5.6.26 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache set-cookie randomYes=44083900366; path=/ firstVisit=1; Expires=Sat, 26-Jan-2019 20:04:09 GMT; Path=/ expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 49bbe8a888d4bef3-FRA content-encoding br Redirect headers status 302 date Sat, 19 Jan 2019 20:04:09 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d3a744b6d45c5e13f085964dccb8b6f2f1547928248; expires=Sun, 19-Jan-20 20:04:08 GMT; path=/; domain=.cn365c.com; HttpOnly web=41cjfmu8demn2f1qljbjkrt397; path=/ x-powered-by PHP/5.6.26 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache location /cn/register expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 49bbe8a2d8d9bef3-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ganzibank.com
URL: https://www.ganzibank.com/templets/default/style/img/top_arrow.png

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.cn365c.com
www.ganzibank.com
www.ganzibank.com
156.236.195.135
2606:4700:30::681c:e5e
48fd67f7a74390e2b9e5eff56af9d03f16a978f4d33e44faa8ccb4004fab71e8
842b57b44b21ebb7c31263ea21cdf2949e2939576ae6d704b961b5a69288e24a
842d062c077bcd029a8c46c633813cc8f208e2fee89350433c14b3af36953baa
9b12b72876e08231de396c9af6959e244a8e1a9b16b75df0f8eb162ae09aa794
bb893c13988f353bab9081347411cd35c8ad680c0c811d32256c94a873c93a95
c62e348583c272f11d92dec42f0ada41f0a81751e1e617c671711bdaf13c5bee
e544cdd24e268bcdbbbe7fb1b8b8cca17f73c17d7ea4aa3f9704bd06bc27b35a
e5f5e77889b161ecb0e61e2fb59c4e239ea564e80bf3a73978eae217e52a5546

www.ganzibank.com Open in urlscan Pro 156.236.195.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

45 kBTransfer

126 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

0 Cookies

Indicators

www.ganzibank.com Open in urlscan Pro
156.236.195.135 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

45 kB
Transfer

126 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions