Submitted URL: https://yonetim.ziraatbank.com.tr/
Effective URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Submission: On November 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 85.111.53.132, located in Kucukcekmece, Turkey and belongs to TTNET, TR. The main domain is yonetim.ziraatbank.com.tr.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 6th 2020. Valid for: a year.
This is the only time yonetim.ziraatbank.com.tr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 85.111.53.132 9121 (TTNET)
17 1
Apex Domain
Subdomains
Transfer
18 ziraatbank.com.tr
yonetim.ziraatbank.com.tr
315 KB
17 1
Domain Requested by
18 yonetim.ziraatbank.com.tr 1 redirects yonetim.ziraatbank.com.tr
17 1

This site contains no links.

Subject Issuer Validity Valid
yonetim.ziraatbank.com.tr
Sectigo RSA Organization Validation Secure Server CA
2020-11-06 -
2021-12-07
a year crt.sh

This page contains 1 frames:

Primary Page: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Frame ID: 7823BC628DD60A6A075EEDF43D386608
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Virtual Pos Admin Panel

Page URL History Show full URLs

  1. https://yonetim.ziraatbank.com.tr/ HTTP 302
    https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f Page URL

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

314 kB
Transfer

293 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yonetim.ziraatbank.com.tr/ HTTP 302
    https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
yonetim.ziraatbank.com.tr/Account/
Redirect Chain
  • https://yonetim.ziraatbank.com.tr/
  • https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
8 KB
10 KB
Document
General
Full URL
https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
dbf16cb10957dc01111be9e094e90e34c0dbd0950d69eda19a192269c660d627
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Date
Thu, 04 Nov 2021 20:53:05 GMT
Content-Length
8486
Referrer-Policy
strict-origin
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
/Account/Login?ReturnUrl=%2f
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Date
Thu, 04 Nov 2021 20:53:05 GMT
Content-Length
145
Referrer-Policy
strict-origin
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
login.css
yonetim.ziraatbank.com.tr/Css/
12 KB
13 KB
Stylesheet
General
Full URL
https://yonetim.ziraatbank.com.tr/Css/login.css?1=1
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
488f06b6b4a6fd85eb22a49e53564bd0f0e9c16570e72220e456dcedcb1d8915
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
12378
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
select2.css
yonetim.ziraatbank.com.tr/Content/css/
19 KB
20 KB
Stylesheet
General
Full URL
https://yonetim.ziraatbank.com.tr/Content/css/select2.css
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
818ede4b6f096ec6012e5d8d339d65bea10f849667ace05dd7566b8e5d5cb30d
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
19545
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
jquery.min.js
yonetim.ziraatbank.com.tr/Scripts/
105 KB
106 KB
Script
General
Full URL
https://yonetim.ziraatbank.com.tr/Scripts/jquery.min.js
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
e2075dacbcf097ebf6ca41703bc5d835515a440e994e3b48a824c4613c671337
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
107746
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
jquery.validate.min.js
yonetim.ziraatbank.com.tr/Scripts/
27 KB
28 KB
Script
General
Full URL
https://yonetim.ziraatbank.com.tr/Scripts/jquery.validate.min.js
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
97c6496b0fd4c5e294c46229ecf7db0ef1cd347ee657c4f82e1d6f4eb31c3dc0
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
27397
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
smooth.js
yonetim.ziraatbank.com.tr/Scripts/
13 KB
14 KB
Script
General
Full URL
https://yonetim.ziraatbank.com.tr/Scripts/smooth.js
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
e8fff38fe982b192c5b4f22cd7010b2280bce5b0addb61ec9bea2bd1e5a4ee9d
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
13652
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
jquery.validate.unobtrusive.js
yonetim.ziraatbank.com.tr/Scripts/
19 KB
21 KB
Script
General
Full URL
https://yonetim.ziraatbank.com.tr/Scripts/jquery.validate.unobtrusive.js
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
2fe9237733bf268f8d01026f94a25c7cb3973647bf5933e324f8490881879047
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
19888
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
select2.min.js
yonetim.ziraatbank.com.tr/Scripts/
65 KB
66 KB
Script
General
Full URL
https://yonetim.ziraatbank.com.tr/Scripts/select2.min.js
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
66596
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
img_logo.png
yonetim.ziraatbank.com.tr/Images/
4 KB
5 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/Images/img_logo.png
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
4610376386642b48e65993c66d3746a8731e1647dcceb1da6392c01a10b9f7d9
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
4094
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
error.png
yonetim.ziraatbank.com.tr/Images/icons/
5 KB
7 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/Images/icons/error.png
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
d039f2d5e954e1004d9a1efac9483efb69d2fcd61edef94a9d0c321e1f2316f4
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
5316
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
Generate
yonetim.ziraatbank.com.tr/DefaultCaptcha/
4 KB
5 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/DefaultCaptcha/Generate?t=3f5161105f3148928e32ffd8e89d4fd9
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
4683cc02c12bc72ac3070071b42975a74c077214dfc53b46b59059b40e0d9708
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Content-Length
3849
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Expires
-1
icn_turkey.png
yonetim.ziraatbank.com.tr/Images/icons/
2 KB
3 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/Images/icons/icn_turkey.png
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
6d242848b6eee57144952cff676e38b14e515b7c45bd1cba66d8db9f8e970c93
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
2207
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
icn_english.png
yonetim.ziraatbank.com.tr/Images/icons/
4 KB
5 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/Images/icons/icn_english.png
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
1a765d7883a4e39fb74c23b7a4b2fa9189405a6b9fb701f2e4cfbc558fcb55f7
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
3594
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
loading.gif
yonetim.ziraatbank.com.tr/Images/
2 KB
3 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/Images/loading.gif
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
ee312e62dab3dfeb7a32a0d3c6fce6f05851c8dc15bfc06f0afa22b3dd7d91ec
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
1930
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
bodyLogin.png
yonetim.ziraatbank.com.tr/images/
319 B
2 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/images/bodyLogin.png
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Css/login.css?1=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
be8eaf7e0de826460e580dc7f671f78bf7dca08c9b2cecdc819c880264beb5e1
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
319
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
login.png
yonetim.ziraatbank.com.tr/images/
2 KB
3 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/images/login.png
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Css/login.css?1=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
8b80e6d60e23807c8e4b7ba3486b1edaaf6cbe2ed469eea0d6d7c8a9ab1fc1c5
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
1932
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1
btn_area.gif
yonetim.ziraatbank.com.tr/images/
1 KB
2 KB
Image
General
Full URL
https://yonetim.ziraatbank.com.tr/images/btn_area.gif
Requested by
Host: yonetim.ziraatbank.com.tr
URL: https://yonetim.ziraatbank.com.tr/Css/login.css?1=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.111.53.132 Kucukcekmece, Turkey, ASN9121 (TTNET, TR),
Reverse DNS
85.111.53.132.dynamic.ttnet.com.tr
Software
/
Resource Hash
08ac2dfd0d1e3a96e665f0e0b7aad77598313dac4a1abb971cedcc77e433182f
Security Headers
Name Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yonetim.ziraatbank.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Length
1207
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin
Last-Modified
Mon, 24 May 2021 08:32:24 GMT
Date
Thu, 04 Nov 2021 20:53:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store
Permissions-Policy
geolocation=(self https://yonetim.ziraatbank.com.tr)
ETag
"0dc21527750d71:0"
Content-Security-Policy
default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Accept-Ranges
bytes
Expires
-1

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery string| style_path function| validationFrameEnabler function| isDecimalKey function| isNumberKey function| addPhoneValidation object| Select2 function| Submit function| ______b48cc5c78cbd4e3fbcefeac8c956e11c________

6 Cookies

Domain/Path Name / Value
yonetim.ziraatbank.com.tr/ Name: ASP.NET_SessionId
Value: c2k1an0bjoe521rfidg2wr0w
yonetim.ziraatbank.com.tr/ Name: __RequestVerificationToken
Value: ER3AZbYXu_CvVrNWu2W3OFgdBYI-L6X1SqQVR_4YDeyvoWA83Q0uBBn3RMid524V2IEpK9HbU7_TrN6ObF1Hn1CdvjlJi_1nO4C__E2Vrfw1
yonetim.ziraatbank.com.tr/ Name: CaptchaCookie
Value: 3f5161105f3148928e32ffd8e89d4fd9=WUBEw87awMZXw8L2Ini3Jp4SdZu4Uhl20IeeEgfBvyohT68FYykqQMf0cVQbUBDgsVLOvGLwwm6QrUncrWMTmF1djdNaFHaW+Srf37bESTdy7T6iW5DdRwvunWtmxayOQubrD6dxD2xGnn5HGfb/OZJTZ0ONNbyVfMMygqptxINdFkH35XKSKS1u4Be404SL76akxYhZvANzMFuDbCNvUA==
.yonetim.ziraatbank.com.tr/ Name: TS017d4655_31
Value: 014879b9481b2f5e227cfc49d63966d78cb8eab0381b4fb575aeb101774b005e9e1aa0748813063792587cdbbdb651566c45194750213b37bf74b9db14c53468ff1cbc7bc103952a823472997192784c0bb58d75ac
yonetim.ziraatbank.com.tr/ Name: CaptchaCookiew2ewasjret
Value:
.yonetim.ziraatbank.com.tr/ Name: TS017d4655
Value: 01133403224cec705b078b5e1fe8763ffef35c39a9860a4c707e301a503203c2c301fdfa379e2c0861943b3de8e1f5598d33283a663db86d7471e9a4fafc89ccd6a45dd6a44c22687a44d272754b64954ec3b4861fb9ac4671bf07eb7ee0812f33410869ad47c5ea78578150b8896411442434af1e

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Invalid allowlist item(https://yonetim.ziraatbank.com.tr) for feature geolocation. Allowlist item must be *, self or quoted url.
security error URL: https://yonetim.ziraatbank.com.tr/Account/Login?ReturnUrl=%2f
Message:
The Content-Security-Policy directive 'connect-src' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: http:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: http:; style-src http: https: 'unsafe-inline'; img-src 'self' data: https:; connect-src http: https: ws: frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block