www.3dsecure-denizv2bank.ml.cloud-mining2.gq
Open in
urlscan Pro
2.59.117.56
Malicious Activity!
Public Scan
Effective URL: http://www.3dsecure-denizv2bank.ml.cloud-mining2.gq/indexs.php
Submission: On July 11 via api from NL — Scanned from NL
Summary
This is the only time www.3dsecure-denizv2bank.ml.cloud-mining2.gq was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Denizbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
27 | 2.59.117.56 2.59.117.56 | 202505 (NETBUDUR-...) (NETBUDUR-DATACENTER-ISTANBUL netbudur.com) | |
27 | 2 |
ASN202505 (NETBUDUR-DATACENTER-ISTANBUL netbudur.com, TR)
PTR: jupiter.uzmansoft.net
www.3dsecure-denizv2bank.ml.cloud-mining2.gq |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
cloud-mining2.gq
www.3dsecure-denizv2bank.ml.cloud-mining2.gq |
700 KB |
27 | 1 |
Domain | Requested by | |
---|---|---|
27 | www.3dsecure-denizv2bank.ml.cloud-mining2.gq |
www.3dsecure-denizv2bank.ml.cloud-mining2.gq
|
27 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
acikdenizv2.denizbank.com |
www.denizbank.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://www.3dsecure-denizv2bank.ml.cloud-mining2.gq/indexs.php
Frame ID: A2E63D5F0C89E4FFC7DC63D0A70C8498
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
DenizBank İnternet BankacılığıPage URL History Show full URLs
- http://www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ Page URL
- http://www.3dsecure-denizv2bank.ml.cloud-mining2.gq/indexs.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: PAROLAMI UNUTTUM / BLOKE KALDIR
Search URL Search Domain Scan URL
Title: KULLANICI OLUŞTUR
Search URL Search Domain Scan URL
Title: İnternet Güvenliği
Search URL Search Domain Scan URL
Title: Yardım ve Öneriler
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ Page URL
- http://www.3dsecure-denizv2bank.ml.cloud-mining2.gq/indexs.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
891 B 620 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/img/ |
37 KB 37 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
indexs.php
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
260 KB 134 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ruxitagentjs_ICA27SVfqrux_10221210805073954.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.14f38c16c3244b5492af.css
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
566 KB 93 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loading.gif
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/img/ |
37 KB 37 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-light.svg
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/img/ |
176 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user.png
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sifre.png
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-footer-logo.svg
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/img/login/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
enbd.png
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runtime.c298608e9647c69cc550.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
polyfills.e7c27bf15bf48a72de71.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts.e8b3c78207fa4f6d6f74.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.67eb8a7592425af0ba81.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.c01c0c9a76089d1c0f34.js
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
183 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
autumn.jpg
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/_assets/img/login/bg/ |
379 KB 379 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-semibold-webfont.1045337df148fc781940.woff2
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-bold-webfont.7b013a3110831768093f.woff2
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.c435f6679b6ae91aaab8.woff2
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-regular-webfont.d389759376bc2ac55ee9.woff
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-semibold-webfont.ba28aba0329c0fc0e825.woff
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.de59fdd4cb2064d64a60.ttf
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-bold-webfont.c04f02eb3292e49d2d4e.woff
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.bd27675dc128701282e0.woff
www.3dsecure-denizv2bank.ml.cloud-mining2.gq/assets/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Denizbank (Banking)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| path string| baseHref undefined| xmlhttp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.3dsecure-denizv2bank.ml.cloud-mining2.gq
2.59.117.56
05bc1bc3d439cd38dd0124520b89860610a302973d34ba226b749b2ce8243ee3
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
26314b985df0b9a0274614772106f29b5d7f445caffc40065d6973a4e801ff8d
3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb
4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a
59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378
7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17
97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309
adc59ad956e0d67f68f86a803f0afff4ab17ff1bec7fa039f94a6443b5404fe1
d109b056fe200d908c30f76896be2eadee5d0ac4de4e829c8143e9602feee49d
f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542