3dsecure-denizv2bank.ml Open in urlscan Pro
2.59.117.56 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://3dsecure-denizv2bank.ml/
Effective URL:
https://3dsecure-denizv2bank.ml/indexs.php
Submission: On July 11 via automatic, source certstream-suspicious (July 11th 2022, 6:02:09 pm UTC) — Scanned from DE

Summary HTTP 27 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 27 HTTP transactions. The main IP is 2.59.117.56, located in Turkey and belongs to NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR. The main domain is 3dsecure-denizv2bank.ml.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.

This is the only time 3dsecure-denizv2bank.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Denizbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
27	2.59.117.56 2.59.117.56		202505 (NETBUDUR-...) (NETBUDUR-DATACENTER-ISTANBUL netbudur.com)
27	2

27 2.59.117.56 (Turkey)

ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR)
PTR: jupiter.uzmansoft.net

3dsecure-denizv2bank.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	3dsecure-denizv2bank.ml 3dsecure-denizv2bank.ml	679 KB
27	1

	Domain	Requested by
27	3dsecure-denizv2bank.ml	3dsecure-denizv2bank.ml
27	1

This site contains links to these domains. Also see Links.

Domain
acikdenizv2.denizbank.com
www.denizbank.com

Subject Issuer	Validity	Valid
3dsecure-denizv2bank.ml R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://3dsecure-denizv2bank.ml/indexs.php
Frame ID: 2523A1FC206B5F98FFA26287E1D979E0
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DenizBank İnternet Bankacılığı

Page URL History Show full URLs

https://3dsecure-denizv2bank.ml/ Page URL
https://3dsecure-denizv2bank.ml/indexs.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

679 kB
Transfer

1649 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://acikdenizv2.denizbank.com/forgottenpassword/start
Title: PAROLAMI UNUTTUM / BLOKE KALDIR

Search URL Search Domain Scan URL

URL: https://acikdenizv2.denizbank.com/createnewuser/start
Title: KULLANICI OLUŞTUR

Search URL Search Domain Scan URL

URL: https://www.denizbank.com/acikdeniz/guvenlik/guvenlik-ayarlari.aspx
Title: İnternet Güvenliği

Search URL Search Domain Scan URL

URL: https://www.denizbank.com/internet-bankaciligi/
Title: Yardım ve Öneriler

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://3dsecure-denizv2bank.ml/ Page URL
https://3dsecure-denizv2bank.ml/indexs.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response 3dsecure-denizv2bank.ml/	891 B 579 B	215ms 55ms	Document text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / PHP/7.4.29 Resource Hash `adc59ad956e0d67f68f86a803f0afff4ab17ff1bec7fa039f94a6443b5404fe1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000 content-encoding br content-length 320 content-type text/html; charset=UTF-8 date Mon, 11 Jul 2022 18:02:03 GMT vary Accept-Encoding x-powered-by PHP/7.4.29
GET H2	200	loading.gif 3dsecure-denizv2bank.ml/_assets/img/	37 KB 37 KB	54ms 54ms	Image image/gif	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/_assets/img/loading.gif Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:03 GMT cache-control public, max-age=604800 last-modified Sun, 14 Nov 2021 02:06:50 GMT accept-ranges bytes content-type image/gif content-length 37840 expires Mon, 18 Jul 2022 18:02:03 GMT
GET H2	200	Primary Request indexs.php Show response 3dsecure-denizv2bank.ml/	260 KB 131 KB	70ms 69ms	Document text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / PHP/7.4.29 Resource Hash `05bc1bc3d439cd38dd0124520b89860610a302973d34ba226b749b2ce8243ee3` Request headers Referer https://3dsecure-denizv2bank.ml/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Mon, 11 Jul 2022 18:02:04 GMT vary Accept-Encoding x-powered-by PHP/7.4.29
GET H2	404	ruxitagentjs_ICA27SVfqrux_10221210805073954.js 3dsecure-denizv2bank.ml/	0 0	149ms 148ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/ruxitagentjs_ICA27SVfqrux_10221210805073954.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	analytics.js 3dsecure-denizv2bank.ml/_assets/js/	0 0	102ms 97ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/_assets/js/analytics.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	200	styles.14f38c16c3244b5492af.css 3dsecure-denizv2bank.ml/	566 KB 79 KB	103ms 98ms	Stylesheet text/css	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `26314b985df0b9a0274614772106f29b5d7f445caffc40065d6973a4e801ff8d` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT content-encoding br last-modified Fri, 17 Dec 2021 22:33:50 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 80689 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	200	loading.gif 3dsecure-denizv2bank.ml/_assets/img/	37 KB 37 KB	147ms 144ms	Image image/gif	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/_assets/img/loading.gif Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT cache-control public, max-age=604800 last-modified Sun, 14 Nov 2021 02:06:50 GMT accept-ranges bytes content-type image/gif content-length 37840 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	200	logo-light.svg 3dsecure-denizv2bank.ml/_assets/img/	176 KB 6 KB	148ms 145ms	Image image/svg+xml	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/_assets/img/logo-light.svg Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT content-encoding br last-modified Sun, 14 Nov 2021 02:06:54 GMT vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 6196 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	200	user.png 3dsecure-denizv2bank.ml/	2 KB 2 KB	148ms 146ms	Image image/png	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/user.png Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT cache-control public, max-age=604800 last-modified Sat, 18 Dec 2021 07:41:00 GMT accept-ranges bytes content-type image/png content-length 2255 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	200	sifre.png 3dsecure-denizv2bank.ml/	2 KB 2 KB	148ms 147ms	Image image/png	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/sifre.png Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT cache-control public, max-age=604800 last-modified Sat, 18 Dec 2021 07:41:02 GMT accept-ranges bytes content-type image/png content-length 2496 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	200	login-footer-logo.svg 3dsecure-denizv2bank.ml/_assets/img/login/	2 KB 1 KB	66ms 55ms	Image image/svg+xml	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/_assets/img/login/login-footer-logo.svg Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT content-encoding br last-modified Sun, 14 Nov 2021 02:07:14 GMT vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 1058 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	200	enbd.png 3dsecure-denizv2bank.ml/_assets/img/	4 KB 4 KB	66ms 56ms	Image image/png	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/_assets/img/enbd.png Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT cache-control public, max-age=604800 last-modified Sun, 14 Nov 2021 02:06:48 GMT accept-ranges bytes content-type image/png content-length 3806 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	404	runtime.c298608e9647c69cc550.js 3dsecure-denizv2bank.ml/	0 0	66ms 56ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/runtime.c298608e9647c69cc550.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	polyfills.e7c27bf15bf48a72de71.js 3dsecure-denizv2bank.ml/	0 0	66ms 57ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/polyfills.e7c27bf15bf48a72de71.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	scripts.e8b3c78207fa4f6d6f74.js 3dsecure-denizv2bank.ml/	0 0	65ms 58ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/scripts.e8b3c78207fa4f6d6f74.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	vendor.67eb8a7592425af0ba81.js 3dsecure-denizv2bank.ml/	0 0	65ms 58ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/vendor.67eb8a7592425af0ba81.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	main.c01c0c9a76089d1c0f34.js 3dsecure-denizv2bank.ml/	0 0	65ms 59ms	Script text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/main.c01c0c9a76089d1c0f34.js Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 3dsecure-denizv2bank.ml/assets/	0 0	52ms 52ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET DATA	200 OK	truncated /	183 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d109b056fe200d908c30f76896be2eadee5d0ac4de4e829c8143e9602feee49d` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	autumn.jpg 3dsecure-denizv2bank.ml/_assets/img/login/bg/	379 KB 379 KB	54ms 54ms	Image image/jpeg	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Show image Full URL https://3dsecure-denizv2bank.ml/_assets/img/login/bg/autumn.jpg Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/indexs.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash `f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542` Request headers accept-language de-DE,de;q=0.9 Referer https://3dsecure-denizv2bank.ml/indexs.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 18:02:04 GMT cache-control public, max-age=604800 last-modified Fri, 17 Dec 2021 22:40:42 GMT accept-ranges bytes content-type image/jpeg content-length 387821 expires Mon, 18 Jul 2022 18:02:04 GMT
GET H2	404	opensans-semibold-webfont.1045337df148fc781940.woff2 3dsecure-denizv2bank.ml/assets/	0 0	54ms 53ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/opensans-semibold-webfont.1045337df148fc781940.woff2 Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	opensans-bold-webfont.7b013a3110831768093f.woff2 3dsecure-denizv2bank.ml/assets/	0 0	54ms 54ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/opensans-bold-webfont.7b013a3110831768093f.woff2 Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	icomoon.c435f6679b6ae91aaab8.woff2 3dsecure-denizv2bank.ml/assets/	0 0	54ms 54ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/icomoon.c435f6679b6ae91aaab8.woff2?2qlojn Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	opensans-regular-webfont.d389759376bc2ac55ee9.woff 3dsecure-denizv2bank.ml/assets/	0 0	54ms 54ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:04 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	opensans-semibold-webfont.ba28aba0329c0fc0e825.woff 3dsecure-denizv2bank.ml/assets/	0 0	53ms 52ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:05 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	opensans-bold-webfont.c04f02eb3292e49d2d4e.woff 3dsecure-denizv2bank.ml/assets/	0 0	53ms 52ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:05 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	icomoon.de59fdd4cb2064d64a60.ttf 3dsecure-denizv2bank.ml/assets/	0 0	53ms 52ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/icomoon.de59fdd4cb2064d64a60.ttf?2qlojn Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:05 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html
GET H2	404	icomoon.bd27675dc128701282e0.woff 3dsecure-denizv2bank.ml/assets/	0 0	52ms 52ms	Font text/html	2.59.117.56 NETBUDUR-DATACENT...
General Check archive.org Show headers Download Go to Full URL https://3dsecure-denizv2bank.ml/assets/icomoon.bd27675dc128701282e0.woff?2qlojn Requested by Host: 3dsecure-denizv2bank.ml URL: https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2.59.117.56 , Turkey, ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR), Reverse DNS jupiter.uzmansoft.net Software / Resource Hash Request headers Referer https://3dsecure-denizv2bank.ml/styles.14f38c16c3244b5492af.css Origin https://3dsecure-denizv2bank.ml accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Mon, 11 Jul 2022 18:02:05 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1236 content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Denizbank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://3dsecure-denizv2bank.ml/ruxitagentjs_ICA27SVfqrux_10221210805073954.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/_assets/js/analytics.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/runtime.c298608e9647c69cc550.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/polyfills.e7c27bf15bf48a72de71.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/scripts.e8b3c78207fa4f6d6f74.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/vendor.67eb8a7592425af0ba81.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/main.c01c0c9a76089d1c0f34.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/opensans-semibold-webfont.1045337df148fc781940.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/opensans-bold-webfont.7b013a3110831768093f.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/icomoon.c435f6679b6ae91aaab8.woff2?2qlojn Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/icomoon.de59fdd4cb2064d64a60.ttf?2qlojn Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3dsecure-denizv2bank.ml/assets/icomoon.bd27675dc128701282e0.woff?2qlojn Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3dsecure-denizv2bank.ml
2.59.117.56
05bc1bc3d439cd38dd0124520b89860610a302973d34ba226b749b2ce8243ee3
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
26314b985df0b9a0274614772106f29b5d7f445caffc40065d6973a4e801ff8d
3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb
4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a
59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378
7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17
97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309
adc59ad956e0d67f68f86a803f0afff4ab17ff1bec7fa039f94a6443b5404fe1
d109b056fe200d908c30f76896be2eadee5d0ac4de4e829c8143e9602feee49d
f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542

3dsecure-denizv2bank.ml Open in urlscan Pro 2.59.117.56 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

679 kBTransfer

1649 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3dsecure-denizv2bank.ml Open in urlscan Pro
2.59.117.56 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

679 kB
Transfer

1649 kB
Size

0
Cookies

27 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!