www.ziraatbank.ambucurie.ro Open in urlscan Pro
185.165.184.56  Malicious Activity! Public Scan

URL: https://www.ziraatbank.ambucurie.ro/
Submission: On July 07 via api from TR — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 185.165.184.56, located in Romania and belongs to CHML-AS, RO. The main domain is www.ziraatbank.ambucurie.ro.
TLS certificate: Issued by R3 on July 7th 2023. Valid for: 3 months.
This is the only time www.ziraatbank.ambucurie.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
4 185.165.184.56 40975 (CHML-AS)
12 194.24.224.11 31471 (FINTEK-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:e6:... 13335 (CLOUDFLAR...)
2 107.154.251.104 19551 (INCAPSULA)
30 6
Apex Domain
Subdomains
Transfer
12 ziraatbank.com.tr
bireysel.ziraatbank.com.tr — Cisco Umbrella Rank: 997667
2 MB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2060
ka-f.fontawesome.com — Cisco Umbrella Rank: 4529
182 KB
4 ambucurie.ro
www.ziraatbank.ambucurie.ro
37 KB
2 globalsiteanalytics.com
globalsiteanalytics.com — Cisco Umbrella Rank: 25019
3 KB
30 4
Domain Requested by
12 bireysel.ziraatbank.com.tr www.ziraatbank.ambucurie.ro
bireysel.ziraatbank.com.tr
5 ka-f.fontawesome.com kit.fontawesome.com
www.ziraatbank.ambucurie.ro
4 www.ziraatbank.ambucurie.ro www.ziraatbank.ambucurie.ro
2 globalsiteanalytics.com bireysel.ziraatbank.com.tr
1 kit.fontawesome.com www.ziraatbank.ambucurie.ro
30 5

This site contains links to these domains. Also see Links.

Domain
kurumsal.ziraatbank.com.tr
bireysel.ziraatbank.com.tr
Subject Issuer Validity Valid
ziraatbankambucurie.ro.ambucurie.ro
R3
2023-07-07 -
2023-10-05
3 months crt.sh
bireysel.ziraatbank.com.tr
GeoTrust RSA CA 2018
2023-03-07 -
2024-03-06
a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-22 -
2023-12-23
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-12 -
2023-08-12
a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-06-21 -
2023-12-18
6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ziraatbank.ambucurie.ro/
Frame ID: 9735CDFA3ED389FC9E9A239459F1C3A1
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Hoş Geldiniz | Ziraat Bankası İnternet Bankacılığı

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

80 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

1994 kB
Transfer

2733 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ziraatbank.ambucurie.ro/
45 KB
12 KB
Document
General
Full URL
https://www.ziraatbank.ambucurie.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.165.184.56 , Romania, ASN40975 (CHML-AS, RO),
Reverse DNS
unassigned.ghesi.net
Software
nginx /
Resource Hash
d8265f2790c25a45f9e7b0e89eaef3a49b1086444a0fc4a03e53acb1d93f726d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
12051
content-type
text/html
date
Fri, 07 Jul 2023 13:26:04 GMT
last-modified
Fri, 25 Nov 2022 08:34:04 GMT
server
nginx
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
plugins.min.css
bireysel.ziraatbank.com.tr/Content/assets/bundle/css/
340 KB
83 KB
Stylesheet
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/plugins.min.css?v=3-oWtmXet6oQr6RY8XOz8o83EN5HmnSjRrJa96Klu701
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
dfea16b665deb7aa10afa458f173b3f28f3710de479a74a346b25af7a2a5bbbd
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 07 Jul 2023 13:26:06 GMT
Age
67
Connection
Keep-Alive
Content-Length
84588
Last-Modified
Fri, 03 Jun 2022 23:20:06 GMT
ETag
"b12ed775a077d81:0"
X-OPNET-Transaction-Trace
a2_f075fcd7-5fab-4a1a-96cb-2f446972f00a-7652-315042
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Accept-Ranges
bytes
sub.min.css
bireysel.ziraatbank.com.tr/Content/assets/bundle/css/
405 KB
91 KB
Stylesheet
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/sub.min.css?v=UHf3w7Dx65qrplVwGOINo143tkJVE7it7hD_ZMX6wQs1
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
52a529b215f386828b22055be3ea6378db44a35dd419d6b23794bcffd72f2171
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 07 Jul 2023 13:26:06 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 17 Jun 2023 23:11:54 GMT
Content-Encoding
gzip
ETag
"224c41b71a1d91:0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
jquery.min.js
bireysel.ziraatbank.com.tr/Content/assets/bundle/js/
315 KB
316 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/jquery.min.js?v=sTnYq8pmR0kDnP8pW0NfkjF7_30wgfwhoplCtCyf7v41
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
0dde90fd967ff6f805590df7cdd3b514fc018a43f77e1d6ce913a6a70708d79f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 07 Jul 2023 13:26:05 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Dec 2022 23:16:34 GMT
ETag
"3cf0f1fa46d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
322579
zrtprefs.min.js
bireysel.ziraatbank.com.tr/Content/assets/bundle/js/
23 KB
23 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/zrtprefs.min.js?v=Yay4gxSwaLW2t9HOQWmwDCfxrHP-3sWbXlt7AY4BCeU1
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
61acb88314b068b5b6b7d1ce4169b00c27f1ac73fedec59b5e5b7b018e0109e5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Aug 2021 23:09:15 GMT
Age
472
ETag
"9730dd13188bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
23383
a0a04de24e.js
kit.fontawesome.com/
11 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/a0a04de24e.js
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58deb0caf5165649bf820c37d988f462e2e75aeb297968d5fb501c09a1243d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.ziraatbank.ambucurie.ro/
Origin
https://www.ziraatbank.ambucurie.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:04 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7e306ac8df016913-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F2-YxtAsOtbNXCR1Megj
WebResource.axd
bireysel.ziraatbank.com.tr/
23 KB
7 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/WebResource.axd?d=SqZa8GYeN-voTRZ-GMsb11KKLzsM4GjYxTGAXg23ajVoLdblDojATKR_7aSBdwvGYc1HUN_gkQjb5mtE0&t=637811837229275428
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 07 Jul 2023 13:26:06 GMT
Last-Modified
Wed, 23 Feb 2022 00:28:42 GMT
Age
3186
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
domain
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6192
Expires
Sat, 06 Jul 2024 03:32:29 GMT
WebResource.axd
bireysel.ziraatbank.com.tr/
26 KB
8 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/WebResource.axd?d=agHyoqmM5R2HZK0hGHfDVytXXsb63ddjF_nKao5XovSnHZhjS6or_fp52iypVd59PLxUB0lM_JvLk5XHaiBfD53SBAg1&t=637811837229275428
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 07 Jul 2023 13:26:06 GMT
Last-Modified
Wed, 23 Feb 2022 00:28:42 GMT
Age
3467
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
domain
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7340
Expires
Sat, 06 Jul 2024 03:27:25 GMT
phone_002.png
www.ziraatbank.ambucurie.ro/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/
8 KB
9 KB
Image
General
Full URL
https://www.ziraatbank.ambucurie.ro/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/phone_002.png
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.165.184.56 , Romania, ASN40975 (CHML-AS, RO),
Reverse DNS
unassigned.ghesi.net
Software
nginx /
Resource Hash
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
last-modified
Thu, 10 Nov 2022 14:42:38 GMT
server
nginx
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8378
expires
Fri, 14 Jul 2023 13:26:07 GMT
phone.png
www.ziraatbank.ambucurie.ro/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/
10 KB
10 KB
Image
General
Full URL
https://www.ziraatbank.ambucurie.ro/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/phone.png
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.165.184.56 , Romania, ASN40975 (CHML-AS, RO),
Reverse DNS
unassigned.ghesi.net
Software
nginx /
Resource Hash
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
last-modified
Thu, 10 Nov 2022 14:42:38 GMT
server
nginx
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
9783
expires
Fri, 14 Jul 2023 13:26:07 GMT
comodo-logo.png
www.ziraatbank.ambucurie.ro/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/
6 KB
7 KB
Image
General
Full URL
https://www.ziraatbank.ambucurie.ro/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/comodo-logo.png
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.165.184.56 , Romania, ASN40975 (CHML-AS, RO),
Reverse DNS
unassigned.ghesi.net
Software
nginx /
Resource Hash
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
last-modified
Thu, 10 Nov 2022 14:42:38 GMT
server
nginx
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6295
expires
Fri, 14 Jul 2023 13:26:07 GMT
core.min.js
bireysel.ziraatbank.com.tr/Content/assets/bundle/js/
221 KB
222 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/core.min.js?v=8tJU7D4-xsT2k3non0UE2_2pDyccXH0eM3Q6fqveukY1
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
f2d254ec3e3ec6c4f69379e89f4504dbfda90f271c5c7d1e33743a7eabdeba46
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 03 Jun 2022 23:19:20 GMT
Age
3055
ETag
"92fbab5aa077d81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
226435
dashboard.min.js
bireysel.ziraatbank.com.tr/Content/assets/bundle/js/
193 KB
193 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/dashboard.min.js?v=gKbX1EYtQEHZxJECE744bma6Xiv88qu87gpFe9_B0ps1
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
80a6d7d4462d4041d9c4910213be386e66ba5e2bfcf2abbcee0a457bdfc1d29b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Aug 2021 23:07:10 GMT
Age
221
ETag
"147263c9178bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
197509
subpage.min.js
bireysel.ziraatbank.com.tr/Content/assets/bundle/js/
365 KB
365 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/subpage.min.js?v=9_N4KeZNTU3IrnNlkVGyybxXUPXFxIKvHk8nH2tzLKE1
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
f7f37829e64d4d4dc8ae73659151b2c9bc5750f5c5c482af1e4f271f6b732ca1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Aug 2021 23:07:11 GMT
Age
87
ETag
"24996ac9178bd71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
373314
ui.min.js
bireysel.ziraatbank.com.tr/Content/assets/bundle/js/
155 KB
156 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/ui.min.js?v=Dy9TMlPS_StMlZA09zIc2ngjWIshJ7c94qs7pwVNxAI1
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
d6c3b2e6ae9fdc8bfe6d2840db5f04e37fd296a5e5062740691100b12fa12ea0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 17 Jun 2023 23:13:47 GMT
Age
2631
ETag
"19ac05e71a1d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
158998
free.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/
100 KB
23 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=a0a04de24e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a0a04de24e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
via
1.1 15e6afc335dbbf726da2dd95038f862a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:21 GMT
server
cloudflare
etag
W/"5febfb939e2fc4ddf14fffae53b72cf0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB6fz5pRkQIxvGqOaJQoo3C2j2scbE6MNLk7H67kTXok65XBjHmhQuwneehDwuTa1AQs4ORi14LAMeT5VvVbF%2BYfDY6dlqmxwj%2F%2BRIqje1jnXu2FcwPuVleRq%2FZEpGb7z%2BlUqE4mAjWr62vWP01e1PCBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7e306ad96e4204a3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
M5KwSatN13Wp5mgfTJ7klBukvt8O0mnoWgOa39YyWnXdjIusYyvQLg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=a0a04de24e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a0a04de24e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
via
1.1 6f1a76f707ac2d807864095749c2cb20.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
W/"5193a6de5225940ae4ef5f7c82126be9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOt0DFEQ0KF0z%2FdUTX%2FOrzLFDdPTpP7L0oT3rNcwlIBTEvp1msf2%2FrtBRvQlajmPLWlj5C1QCuRxg4KV3htKogUrrDbGOyvDis0oFdtFGzh04uayfCOeH30zQKb5YwTJ2SHO6nlq46MuxgIGp0GDwyERgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7e306ad96e4404a3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
GP0y3DWYOGjYVkX0zWsOLeQmLs2hCBxxdY00hKGTuaCTu3HjbCA8hQ==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/
823 B
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=a0a04de24e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a0a04de24e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
via
1.1 652331095b841aa2e89ce3a0cd676d04.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
W/"5856e3f07fbc36fc4d430a95a577a87f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZk7zPBylo1jY9bf0JFjzbX9l4uZ%2BdD631%2BbRWo776iCS5GlT8MeoaxDD9yxcjHZxFD%2B44wmsorCRMqONmfiOKatKq0xG5jdFLwrCuF1KavO0i6M3E1HSfWy3Aht7SL6KuyrhDtxVGKBBxk4qwlNj9Q6yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7e306ad96e4604a3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
JZYPA6PnrcmUgoFbmMP3Zy5iT1pDT956Kr-BzId_wG7ukYcu63E33Q==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.4.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=a0a04de24e
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a0a04de24e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
via
1.1 4bb1350a7e907cdd02f8977c1aa46622.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 21:29:20 GMT
server
cloudflare
etag
W/"9e7f9f634ace089bcdacc3fcc5f23ce5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILSPYEPIe0JYWHMOwEtl6R1dG70Qmd9EVp2dGyKZN4DYvzwyuud1ErhvZgrzF9MWFDMfXoZKmY7lv9F7fStqFW6gslI%2FOCYtXweU%2FzsnQ4UATpLydLzwi4yqPmVeNr6nwSWyozIjqyjbXV3JAHy%2BjApoPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7e306ad96e4704a3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
lpNuQ0SI6HXIS78gsiKEv9A1W4N-7Rd8xj65HaY08RZwVtis257qOA==
login-bg.jpg
bireysel.ziraatbank.com.tr/Content/assets/img/
104 KB
105 KB
Image
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/img/login-bg.jpg?v=20181004
Requested by
Host: bireysel.ziraatbank.com.tr
URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/sub.min.css?v=UHf3w7Dx65qrplVwGOINo143tkJVE7it7hD_ZMX6wQs1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/sub.min.css?v=UHf3w7Dx65qrplVwGOINo143tkJVE7it7hD_ZMX6wQs1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 18 Feb 2019 12:59:43 GMT
Age
2419
ETag
"e2e01ed189c7d41:0"
X-OPNET-Transaction-Trace
a2_0cb7e498-620f-42be-99e1-e739a5ba3693-8436-912843
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
106717
BB78E1BCF28E9E4CC.woff2
bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/
0
0

D40DF048D299CA4DD.woff2
bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/
0
0

CFFA5595DEF2590DC.woff2
bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/
0
0

free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.0/webfonts/
147 KB
147 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: www.ziraatbank.ambucurie.ro
URL: https://www.ziraatbank.ambucurie.ro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ed5cd319e1b6bcac2b0d2ab3ebe5474d72327ef3d700fd553f4cf1b5d23a35

Request headers

Referer
https://www.ziraatbank.ambucurie.ro/
Origin
https://www.ziraatbank.ambucurie.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:07 GMT
via
1.1 fd000a128e6bb534d86b423d2d506d52.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
150120
last-modified
Fri, 24 Mar 2023 05:23:18 GMT
server
cloudflare
etag
"47c0d51ac60ec37c20bc6f755cc9f71b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwSt7VTaZIr18kFkn0YXjg6KKUI6m1opMFpch9TOkksUXeQc%2BF5XysuYZ91AqQ8ahWZ%2BFtTeZBO2rNEFt35nROHKb3oH7LwILnM99WxcWndKEUKR%2F%2BVKmknu3K%2B0U2sPIIE5mxVvkupw%2FfYyh39rA30KJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7e306ada0ee204a3-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
PJotk9Q41hu6CjPNRaBE-Aa-LN-aw-vx_w3lKGCbgL1TJdVnag0iYQ==
resource.png
globalsiteanalytics.com/resource/
67 B
659 B
XHR
General
Full URL
https://globalsiteanalytics.com/resource/resource.png
Requested by
Host: bireysel.ziraatbank.com.tr
URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/zrtprefs.min.js?v=Yay4gxSwaLW2t9HOQWmwDCfxrHP-3sWbXlt7AY4BCeU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.251.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.251.104.ip.incapdns.net
Software
Apache-Coyote/1.1 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 13:26:08 GMT
last-modified
Fri, 07 Jul 2023 13:26:08 GMT
server
Apache-Coyote/1.1
x-cdn
Imperva
content-type
image/png
access-control-allow-origin
*
x-iinfo
9-74330340-74330348 NNNN CT(129 129 0) RT(1688736367143 29) q(0 0 3 0) r(4 4) U24
cache-control
max-age=31536000, private
content-length
67
expires
Sat, 06 Jul 2024 13:26:08 GMT
hdim
globalsiteanalytics.com/service/
2 KB
2 KB
XHR
General
Full URL
https://globalsiteanalytics.com/service/hdim
Requested by
Host: bireysel.ziraatbank.com.tr
URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/zrtprefs.min.js?v=Yay4gxSwaLW2t9HOQWmwDCfxrHP-3sWbXlt7AY4BCeU1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.251.104 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.251.104.ip.incapdns.net
Software
/
Resource Hash
b964b2288c5f3bace78615b8c60f56973bce2a1a6d43563c8ed2f6ac51df268b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
x-iinfo
9-74330340-74330349 NNYN CT(128 130 0) RT(1688736367143 30) q(0 0 3 1) r(4 4) U24
date
Fri, 07 Jul 2023 13:26:08 GMT
cache-control
no-cache, no-transform
content-encoding
gzip
x-cdn
Imperva
content-type
text/plain
video.min.js
bireysel.ziraatbank.com.tr/Content/assets/js/plugins/
204 KB
204 KB
Script
General
Full URL
https://bireysel.ziraatbank.com.tr/Content/assets/js/plugins/video.min.js
Requested by
Host: bireysel.ziraatbank.com.tr
URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/jquery.min.js?v=sTnYq8pmR0kDnP8pW0NfkjF7_30wgfwhoplCtCyf7v41
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR),
Reverse DNS
Software
/
Resource Hash
5464622544b173bc096c77df737277080b6c94bd331b9341a92a1b848bf21d53
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ziraatbank.ambucurie.ro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Fri, 07 Jul 2023 13:26:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 08 Mar 2019 23:31:54 GMT
Age
552
ETag
"83794a1d7d6d41:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
domain
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
208953
BB78E1BCF28E9E4CC.woff
bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/
0
0

D40DF048D299CA4DD.woff
bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/
0
0

CFFA5595DEF2590DC.woff
bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bireysel.ziraatbank.com.tr
URL
https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
Domain
bireysel.ziraatbank.com.tr
URL
https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
Domain
bireysel.ziraatbank.com.tr
URL
https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff2
Domain
bireysel.ziraatbank.com.tr
URL
https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff
Domain
bireysel.ziraatbank.com.tr
URL
https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff
Domain
bireysel.ziraatbank.com.tr
URL
https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

484 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt boolean| credentialless object| onbeforetoggle object| onscrollend string| relativePath function| getInternetExplorerVersion function| ForceEqualHeightOnColumns function| GetWhichCode function| isAlphaNumericForPin function| arrangePagerRow function| FcsToCtrl function| showElement function| hideElement function| imageControl function| onFTimeOutClick function| IsValidDate function| IsValidISODate function| dummyLoading function| dummyHideLoading function| appendSpinnerCircles function| getSpinnerHtml function| GetValidationMsg function| CheckAlphaNumericCurrentPinEntry function| CheckDescription function| GetDropDownData function| FilterDropDown function| clearDropDown function| IsInvalidChar function| CheckGivenText function| GetCharacterCode function| IsValidCharacterCode function| getStepContainerData function| isCheckedBox function| hideClass function| showClass function| hideSelector function| showSelector function| alertMSG function| infoMSG function| removeAlertModalDefaults function| successMSG function| hideAlertMSG function| confirmMSG function| confirmMSGWithCallBack function| showConfirm function| hideConfirm function| isCheckedRadioBox function| changeAmountBoxCurrency function| GetSelectedRadioAttributeValue function| GetSelectedRadio function| TcknCheckDigit function| GetDatePickerDate function| GetDatePickerDateYMD function| GetAmount function| GetCustomAmount function| textBoxValue function| textBoxHaveValue function| keyToUpperCase function| toNonTRCharsWithUpperCase function| removeTurkishChars function| toTRUpperCase function| openLightBoxWithUrl function| isValidPhone function| isValidSMSNumber function| isValidPhoneNumber function| exportContent function| exportContentNoDimension function| openExportPage function| printPage function| printPageNoDimension function| printReceipt function| isValidEmail function| convertToUpperCase function| setHasFormChanges function| checkChanges function| GetGridViewSelectedItem function| GetGridViewSelectedItemAttr function| GetCustomerNoFromAccount function| isAlphanumeric function| isNumber function| isString function| isNum function| isDescription function| getCode function| CheckAlphaNumericNewPinEntry function| hasConsecutiveCharacter function| getAllMatches function| maskPanel function| maskElement function| unmaskPanel function| unmaskElement function| VknCheckDigit function| IsFutureDate function| thisBlur function| isValidIBANValue function| isValidIBAN function| isEmpty function| isWhitespace function| checkCharsFromList function| checkControlDigits function| prepareToCalcControlDigits function| convertToNumber function| mod97 function| IsAlphaNumeric function| IsNumeric function| CheckDynamicRegex function| SetDatePickerDate function| navigateTo function| navigateToPage function| RemoveCheckedBox function| DashedCheckboxClicked function| FilterBoxListGridOrg function| FilterBoxListGrid function| GetFormData function| checkPassword function| ResolveIban function| IsZiraatBankIban function| OzIsValidIban function| customGridViewSelect function| isValidIBANTR function| isMsIE function| onInputFocus function| onInputBlur function| fCountDownbyTime function| fCountDown function| StartLoggOff function| onYesClicked function| onNoClicked function| resetCounter function| CheckForZiraatInvestmentLoginStatus function| CheckForZiraatInvestmentLoginStatusCallBack function| changeAmountBoxAmount function| changeAmount function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs function| disableFlash function| enableFlash function| javaScriptFlicker function| flashFlicker function| showFlicker function| showFlickerTable function| toggleFlickerVisibility function| getFlickerWidth function| resizeFlicker function| resizeFlickerWH function| loadFlickerCookie function| showFlickerActions function| flickerOpenHelper function| flickerSpeedFaster function| flickerSpeedSlower function| calculateMsFromClockSpeed function| showFlickerBackground function| getFlickerCookieValue function| setFlickerCookieValue function| str_repeat function| sprintf function| luhnCalc function| xorCalc function| getASCIIHexFormatForSecOPTICCharacterSet function| getASCIIHexFormatForZKACharacterSet function| normalizeNonASCIIElements function| containsNonDigits function| getLS function| getLbdex function| getHalfByteDezValue function| getXorDataSecOPTIC function| secOPTICFlicker function| getXorDataV14Stuzza function| stuzzaHHD14Flicker function| getXorDataV14 function| hhd14Flicker function| getXorDataV101 function| hhd101Flicker function| AsyncPost function| FrameOutUrl function| TrySettingScrollPosition function| TryShowIframe function| CheckNewTab function| SetNewTabID object| Browser object| ieBrowser object| touchBrowser boolean| isMobile boolean| isMobileRecourse boolean| is_chrome boolean| is_firefox object| validMessageList object| bindedClickFunctions function| delayThis string| whitespaceall string| whitespace string| letters string| digits function| FilterBoxListGridDbn object| selectedCheckBoxes boolean| fTimeoutShowedOnce object| regexHasRepeatedCharacter object| regexHasLetter object| regexHasDigit object| regexBirthDay object| regexBirthDayYear number| birthDayMinYear string| characterAlphabet object| characterAlphabetValues boolean| isIE boolean| isWin boolean| isOpera number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision boolean| globalFlickerPath undefined| globalFlickerCode undefined| globalClockSpeed boolean| globalHasFlash boolean| globalFlashDisabled object| globalTimerSettings function| $ function| jQuery function| dragula function| _ function| moment function| Cookies function| CloseAlertMsg object| VeriBranch object| zrtadx object| FontAwesomeKitConfig string| sid boolean| is_DefaultSubmit object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit object| dd5fcb6461304a64adbfb0462736cb6f function| WebForm_OnSubmit function| ValidateIdentity function| CheckCustomerNumberTCKN function| RestorePlaceholder function| removeCookies function| setIdentity function| ValidatePage function| loginDummyLoading object| Page_Validators object| ctl00_c_PageValidation boolean| Page_ValidationActive function| ValidatorOnSubmit function| OpenSMSOptionLb function| openIpIspWarning object| ProgressBar function| RateYo function| closeMenu function| openMenu function| RSAKeyPair function| twoDigit function| toWin1254 function| toUtf8 function| encryptedString function| decryptedString function| setMaxDigits function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr function| biToString function| biToDecimal function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy function| biShiftLeft function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| encryptPassword function| EncryptText function| EncryptFormInputs object| $jscomp object| Plugins number| dpl10 object| lr10 object| hexatrigesimalToChar object| hexToChar object| highBitMasks object| lowBitMasks object| unicode object| win1254 object| utf8_lo object| utf8_hi number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| Sly function| Inputmask function| CampaignButtonClick function| redirectToTxn function| CampaignLightBoxClosed function| CampaignLogoutButtonClick boolean| f boolean| mCustomScrollbar function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| lottie object| bodymovin object| hopscotch function| calculateFileSize function| calculateFileSizeByType function| validFileType function| getContentUrl function| InitializePlugins function| setCloseFunction object| MODULES object| ZIRAAT object| fileSizeType object| FileSizeType boolean| arrwEnabled object| $frame undefined| slyPlugin boolean| isSubmitted function| loginSubmit function| ShowLoginLoading function| HideLoginLoading function| SetUserPrefs object| Page_ValidationSummaries object| $filterButton object| $filterIb object| $filterWrap object| $filterSection object| $Back object| $MobileBack object| $PageBack object| $filterText object| $filterSwipeTab object| $resultScreenFilter object| $filterBtnWrap object| $_stepItem object| $_targetBlankItem object| $_eligibleItem object| $_blockItem object| $_tabItem object| $_tabPanel object| $_searchKey object| $scrollBox object| $partialItem object| $el object| $tabItem object| $tabContainer object| $videoBody object| $videos object| $openVideosBtn object| $videoItem object| $playerModal object| $playerModalBody object| $playerModalFooterThumb object| $modalThumbs object| $modalThumbItem object| $banner boolean| modulesInitialized object| $element object| $tableBox object| $tableCheck object| $tableDropdown object| $tableText object| $getButtonData object| $tableModalRenderView object| $tableScroll object| $fixAccount object| $transfercurrencyType object| $transferBranch object| vttjs function| WebVTT function| videojs string| currentTabIndex string| storedTabIndex

0 Cookies

12 Console Messages

Source Level URL
Text
javascript error URL: https://www.ziraatbank.ambucurie.ro/
Message:
Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2' from origin 'https://www.ziraatbank.ambucurie.ro' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network error URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ziraatbank.ambucurie.ro/
Message:
Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2' from origin 'https://www.ziraatbank.ambucurie.ro' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network error URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ziraatbank.ambucurie.ro/
Message:
Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff2' from origin 'https://www.ziraatbank.ambucurie.ro' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network error URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ziraatbank.ambucurie.ro/
Message:
Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff' from origin 'https://www.ziraatbank.ambucurie.ro' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network error URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ziraatbank.ambucurie.ro/
Message:
Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff' from origin 'https://www.ziraatbank.ambucurie.ro' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network error URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.ziraatbank.ambucurie.ro/
Message:
Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff' from origin 'https://www.ziraatbank.ambucurie.ro' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network error URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bireysel.ziraatbank.com.tr
globalsiteanalytics.com
ka-f.fontawesome.com
kit.fontawesome.com
www.ziraatbank.ambucurie.ro
bireysel.ziraatbank.com.tr
107.154.251.104
185.165.184.56
194.24.224.11
2606:4700::6812:1634
2606:4700:e6::ac40:ca1c
0dde90fd967ff6f805590df7cdd3b514fc018a43f77e1d6ce913a6a70708d79f
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575
52a529b215f386828b22055be3ea6378db44a35dd419d6b23794bcffd72f2171
5464622544b173bc096c77df737277080b6c94bd331b9341a92a1b848bf21d53
58deb0caf5165649bf820c37d988f462e2e75aeb297968d5fb501c09a1243d1a
61acb88314b068b5b6b7d1ce4169b00c27f1ac73fedec59b5e5b7b018e0109e5
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89
80a6d7d4462d4041d9c4910213be386e66ba5e2bfcf2abbcee0a457bdfc1d29b
af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82
b1ed5cd319e1b6bcac2b0d2ab3ebe5474d72327ef3d700fd553f4cf1b5d23a35
b964b2288c5f3bace78615b8c60f56973bce2a1a6d43563c8ed2f6ac51df268b
d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd
d6c3b2e6ae9fdc8bfe6d2840db5f04e37fd296a5e5062740691100b12fa12ea0
d8265f2790c25a45f9e7b0e89eaef3a49b1086444a0fc4a03e53acb1d93f726d
dfea16b665deb7aa10afa458f173b3f28f3710de479a74a346b25af7a2a5bbbd
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f2d254ec3e3ec6c4f69379e89f4504dbfda90f271c5c7d1e33743a7eabdeba46
f7f37829e64d4d4dc8ae73659151b2c9bc5750f5c5c482af1e4f271f6b732ca1
fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1