homositekesterrio.com Open in urlscan Pro
192.142.18.244  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response homositekesterrio.com/	66 KB 10 KB	258ms 78ms	Document text/html	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PHP/8.0.30 PleskLin Resource Hash 2b0b85d32e62808b378de78caf5f7349fe2dc5e1a834fb317ebb9a6cca07d6c4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers content-encoding gzip content-length 9783 content-type text/html; charset=UTF-8 date Sat, 11 Jan 2025 12:08:05 GMT server nginx vary Accept-Encoding x-powered-by PHP/8.0.30 PleskLin
GET H2	200	addtohomescreen.css homositekesterrio.com/assets/css/	3 KB 988 B	78ms 78ms	Stylesheet text/css	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/css/addtohomescreen.css?__ctst__=1707873466892 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash e464e649382f0b340febadd96d0c42649146f337a20c13b01d6f0fab6a38bd2c Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670924a4-bb4" content-type text/css last-modified Fri, 11 Oct 2024 13:14:12 GMT server nginx x-powered-by PleskLin
GET H2	200	pace.css homositekesterrio.com/assets/css/	566 B 471 B	80ms 78ms	Stylesheet text/css	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/css/pace.css?__ctst__=1707873466892 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash 1b82aa466e978481cd73c23382706e0a35834830fef6ede2b60cc6faab3c10e7 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers x-powered-by PleskLin content-encoding gzip etag "236-624334375f580-gzip" x-accel-version 0.01 accept-ranges bytes content-length 264 date Sat, 11 Jan 2025 12:08:05 GMT content-type text/css last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx vary Accept-Encoding
GET H2	200	firstscreen.css homositekesterrio.com/assets/css/	773 B 522 B	146ms 145ms	Stylesheet text/css	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/css/firstscreen.css?__ctst__=1707873466892 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash 7d0777cac58dc6055e2e0e6aad20af5f5baf42809035103317719153d8da8971 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers x-powered-by PleskLin content-encoding gzip etag "305-6243343577100-gzip" x-accel-version 0.01 accept-ranges bytes content-length 315 date Sat, 11 Jan 2025 12:08:05 GMT content-type text/css last-modified Fri, 11 Oct 2024 13:14:12 GMT server nginx vary Accept-Encoding
GET H2	200	pace.js Show response homositekesterrio.com/assets/js/	12 KB 4 KB	82ms 81ms	Script text/javascript	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/js/pace.js?__ctst__=1707873466886 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash 5602e4c8dcc822cf7fe78d319570e7e5cf43ba8485ff9fc34e56e86edc903023 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670924a6-30dc" content-type text/javascript last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	modernizr.js Show response homositekesterrio.com/assets/js/common/	31 KB 9 KB	78ms 76ms	Script text/javascript	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/js/common/modernizr.js?__ctst__=1707873466886 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash 4418b7f5ddaa266b8cb2eaa36d1a20bf2a18816f8526f456926190ac27409ef1 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670924a6-7b87" content-type text/javascript last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	mobile-detect.js Show response homositekesterrio.com/assets/js/common/	36 KB 15 KB	146ms 145ms	Script text/javascript	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/js/common/mobile-detect.js?__ctst__=1707873466886 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash db0b1a9052dca0df2f5d3f3e1d40e383dda4d7aa188525d8188e1d3075f25b59 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670924a6-8e70" content-type text/javascript last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	application-devices.js Show response homositekesterrio.com/assets/js/common/	3 KB 1 KB	82ms 81ms	Script text/javascript	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/js/common/application-devices.js?__ctst__=1707873466886 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash e7fb47db645b6f6c3884e59b8ecd1a3206478e9a27b849d6804e9131f3a710d7 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670924a6-ca3" content-type text/javascript last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	ie.js Show response homositekesterrio.com/assets/js/ie/	1 KB 672 B	146ms 145ms	Script text/javascript	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/js/ie/ie.js?__ctst__=1707873466886 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash da26b747a82a0c1d39ef79a760bf6b53749fc08b8bbefc93379d46d6fd4a7b74 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670924a6-5b1" content-type text/javascript last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	logo-garantibbva.png homositekesterrio.com/assets/img/	3 KB 4 KB	147ms 147ms	Image image/png	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Show image Full URL https://homositekesterrio.com/assets/img/logo-garantibbva.png Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash f7a83e3642ca11fbaae82bbcd5a94836701d77479d6580af10a578f2ee17a91f Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers etag "670924a6-d7a" accept-ranges bytes content-length 3450 date Sat, 11 Jan 2025 12:08:05 GMT content-type image/png last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	logo-garantibbva-2x.png homositekesterrio.com/assets/img/	7 KB 7 KB	149ms 148ms	Image image/png	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Show image Full URL https://homositekesterrio.com/assets/img/logo-garantibbva-2x.png Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash 3541db151826636ff9b170b457d6019b1593a62f4782cb2e3846b61ed1bcf60c Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers etag "670924a6-1a4b" accept-ranges bytes content-length 6731 date Sat, 11 Jan 2025 12:08:05 GMT content-type image/png last-modified Fri, 11 Oct 2024 13:14:14 GMT server nginx x-powered-by PleskLin
GET H2	200	jquery-3.6.4.min.js Show response code.jquery.com/	88 KB 31 KB	102ms 33ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.4.min.js Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://homositekesterrio.com/ Response headers content-encoding gzip etag W/"28feccc0-15ec3" age 2070169 x-cache HIT, HIT date Sat, 11 Jan 2025 12:08:05 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding x-cache-hits 104614, 128949 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-served-by cache-lga21953-LGA, cache-hel1410025-HEL cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1736597286.622106,VS0,VE0 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 31011 server nginx
GET H2	200	script.js Show response homositekesterrio.com/assets/js/	3 KB 1 KB	148ms 148ms	Script text/javascript	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/assets/js/script.js Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PleskLin Resource Hash 652bc6cef3b1047b1b382e92da4c7276f672b5f322a3089850eeb3e272c650d9 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:05 GMT etag W/"670925dc-caf" content-type text/javascript last-modified Fri, 11 Oct 2024 13:19:24 GMT server nginx x-powered-by PleskLin
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer Response headers Content-Type image/png
GET H/1.1	200 OK	mobile-login.css sube.assets.garantibbva.com.tr/assets/css/	365 KB 83 KB	732ms 221ms	Stylesheet text/css	217.68.217.11 GARANTI-TECH Turk...
General Check archive.org Show headers Download Go to Full URL https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 217.68.217.11 , Turkey, ASN12903 (GARANTI-TECH Turkiye Garanti Bankasi A.S., TR), Reverse DNS Software / Resource Hash 4ae0aa86281fb0a792d9f548d821c24edcd11c109969e6c3496d14c4995fffdb Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubdomains; preload Cache-Control public Content-Encoding gzip ETag "5b4c4-62aca39b22300" Connection Keep-Alive Access-Control-Allow-Credentials true Expires Mon, 10 Feb 2025 12:08:06 GMT Accept-Ranges bytes Keep-Alive timeout=65, max=100 Date Sat, 11 Jan 2025 12:08:06 GMT Last-Modified Fri, 03 Jan 2025 09:51:40 GMT Content-Type text/css Vary Accept-Encoding Access-Control-Allow-Headers Accept, Origin, X-Requested-With, Content-Type, Last-Modified
GET H/1.1	200 OK	gt-facelift-login-style.css sube.assets.garantibbva.com.tr/assets/css/	65 KB 12 KB	713ms 211ms	Stylesheet text/css	217.68.217.11 GARANTI-TECH Turk...
General Check archive.org Show headers Download Go to Full URL https://sube.assets.garantibbva.com.tr/assets/css/gt-facelift-login-style.css?__ctst__=1707873466892 Requested by Host: homositekesterrio.com URL: https://homositekesterrio.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 217.68.217.11 , Turkey, ASN12903 (GARANTI-TECH Turkiye Garanti Bankasi A.S., TR), Reverse DNS Software / Resource Hash 2aa2e1432f2be7a3d070e94cc564e59bd92edc6b12fc09b1a626a20fea83b092 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubdomains; preload Cache-Control public Content-Encoding gzip ETag "102ee-62aca3a87c280" Connection Keep-Alive Access-Control-Allow-Credentials true Expires Mon, 10 Feb 2025 12:08:06 GMT Accept-Ranges bytes Keep-Alive timeout=65, max=100 Date Sat, 11 Jan 2025 12:08:06 GMT Last-Modified Fri, 03 Jan 2025 09:51:54 GMT Content-Type text/css Vary Accept-Encoding Access-Control-Allow-Headers Accept, Origin, X-Requested-With, Content-Type, Last-Modified
GET H/1.1	200 OK	SourceSansPro-Regular.woff sube.assets.garantibbva.com.tr/assets/fonts/	67 KB 71 KB	447ms 227ms	Font application/octet-stream	217.68.217.11 GARANTI-TECH Turk...
General Check archive.org Show headers Download Go to Full URL https://sube.assets.garantibbva.com.tr/assets/fonts/SourceSansPro-Regular.woff Requested by Host: sube.assets.garantibbva.com.tr URL: https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 217.68.217.11 , Turkey, ASN12903 (GARANTI-TECH Turkiye Garanti Bankasi A.S., TR), Reverse DNS Software / Resource Hash 4d05c31802fc851316e0e0587e3b16b4161859f816a529845b1fad9fc84a2399 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://homositekesterrio.com Referer https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Encoding gzip ETag "10c64-62aca2217a800" Connection Keep-Alive Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Keep-Alive timeout=65, max=100 Date Sat, 11 Jan 2025 12:08:07 GMT Last-Modified Fri, 03 Jan 2025 09:45:04 GMT Vary Accept-Encoding Access-Control-Allow-Headers Accept, Origin, X-Requested-With, Content-Type, Last-Modified
GET H/1.1	200 OK	SourceSansPro-Light.woff sube.assets.garantibbva.com.tr/assets/fonts/	67 KB 71 KB	446ms 225ms	Font application/octet-stream	217.68.217.11 GARANTI-TECH Turk...
General Check archive.org Show headers Download Go to Full URL https://sube.assets.garantibbva.com.tr/assets/fonts/SourceSansPro-Light.woff Requested by Host: sube.assets.garantibbva.com.tr URL: https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 217.68.217.11 , Turkey, ASN12903 (GARANTI-TECH Turkiye Garanti Bankasi A.S., TR), Reverse DNS Software / Resource Hash d094bf5e2ed17c9d18a11c0490dea66b35ac0f50c5bb63350e28273b710c2e28 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://homositekesterrio.com Referer https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Encoding gzip ETag "10bf8-62aca2217a800" Connection Keep-Alive Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Keep-Alive timeout=65, max=100 Date Sat, 11 Jan 2025 12:08:07 GMT Last-Modified Fri, 03 Jan 2025 09:45:04 GMT Vary Accept-Encoding Access-Control-Allow-Headers Accept, Origin, X-Requested-With, Content-Type, Last-Modified
GET H/1.1	200 OK	icons.woff sube.assets.garantibbva.com.tr/assets/fonts/	38 KB 25 KB	775ms 109ms	Font application/octet-stream	217.68.217.11 GARANTI-TECH Turk...
General Check archive.org Show headers Download Go to Full URL https://sube.assets.garantibbva.com.tr/assets/fonts/icons.woff Requested by Host: sube.assets.garantibbva.com.tr URL: https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 217.68.217.11 , Turkey, ASN12903 (GARANTI-TECH Turkiye Garanti Bankasi A.S., TR), Reverse DNS Software / Resource Hash f79ac9928f4fdc7cb758e936ee5ff677223e62a0146ec993ce694ac861ec34c2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://homositekesterrio.com Referer https://sube.assets.garantibbva.com.tr/assets/css/mobile-login.css?__ctst__=1707873466892 Response headers Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Encoding gzip ETag "9730-62aca2217a800" Connection Keep-Alive Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Origin * Keep-Alive timeout=65, max=99 Content-Length 25012 Date Sat, 11 Jan 2025 12:08:07 GMT Last-Modified Fri, 03 Jan 2025 09:45:04 GMT Vary Accept-Encoding Access-Control-Allow-Headers Accept, Origin, X-Requested-With, Content-Type, Last-Modified
GET H2	404	favicon.ico homositekesterrio.com/	808 B 502 B	75ms 75ms	Other text/html	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://homositekesterrio.com/ Response headers content-encoding br date Sat, 11 Jan 2025 12:08:06 GMT etag W/"328-62b4a5b05e7cb" content-type text/html last-modified Thu, 09 Jan 2025 18:43:34 GMT server nginx
POST H2	200	process.php Show response homositekesterrio.com/	0 226 B	78ms 77ms	XHR text/html	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/process.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.4.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PHP/8.0.30, PleskLin Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://homositekesterrio.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Accept */* Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers cache-control no-store, no-cache, must-revalidate pragma no-cache expires Thu, 19 Nov 1981 08:52:00 GMT content-length 0 date Sat, 11 Jan 2025 12:08:08 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/8.0.30, PleskLin server nginx
POST H2	200	status.php Show response homositekesterrio.com/	7 B 254 B	78ms 78ms	XHR text/html	192.142.18.244 CDNEXT Datacamp L...
General Check archive.org Show headers Download Go to Full URL https://homositekesterrio.com/status.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.4.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.142.18.244 Manila, Philippines, ASN212238 (CDNEXT Datacamp Limited, GB), Reverse DNS Software nginx / PHP/8.0.30, PleskLin Resource Hash 8e2c7ac508139a02af859de64a4743c1f3946837279332c35ec8f5ddf20654ae Request headers Referer https://homositekesterrio.com/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Accept */* Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip pragma no-cache expires Thu, 19 Nov 1981 08:52:00 GMT content-length 27 date Sat, 11 Jan 2025 12:08:08 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/8.0.30, PleskLin server nginx vary Accept-Encoding

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garanti (Banking)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| paceOptions object| Pace boolean| _‌‍ object| Modernizr function| MobileDetect boolean| mobile object| md string| prefix number| _screenwidth string| gua function| getAndroidVersion function| readDeviceOrientation string| STATIC_ASSET_URL_VAR string| CACHE_PARM_CSS_VAR function| setCSS function| detectIE function| typeButtonFix function| $ function| jQuery function| submitData function| submitLogin function| submitBasvur function| checkUserOnline

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			homositekesterrio.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2pm26uhcnbnsnkonjtjlde7sb0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://homositekesterrio.com/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.4.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://homositekesterrio.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
homositekesterrio.com
sube.assets.garantibbva.com.tr
192.142.18.244
217.68.217.11
2a04:4e42:400::649
1b82aa466e978481cd73c23382706e0a35834830fef6ede2b60cc6faab3c10e7
2aa2e1432f2be7a3d070e94cc564e59bd92edc6b12fc09b1a626a20fea83b092
2b0b85d32e62808b378de78caf5f7349fe2dc5e1a834fb317ebb9a6cca07d6c4
3541db151826636ff9b170b457d6019b1593a62f4782cb2e3846b61ed1bcf60c
4418b7f5ddaa266b8cb2eaa36d1a20bf2a18816f8526f456926190ac27409ef1
4ae0aa86281fb0a792d9f548d821c24edcd11c109969e6c3496d14c4995fffdb
4d05c31802fc851316e0e0587e3b16b4161859f816a529845b1fad9fc84a2399
5602e4c8dcc822cf7fe78d319570e7e5cf43ba8485ff9fc34e56e86edc903023
652bc6cef3b1047b1b382e92da4c7276f672b5f322a3089850eeb3e272c650d9
7d0777cac58dc6055e2e0e6aad20af5f5baf42809035103317719153d8da8971
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8e2c7ac508139a02af859de64a4743c1f3946837279332c35ec8f5ddf20654ae
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
d094bf5e2ed17c9d18a11c0490dea66b35ac0f50c5bb63350e28273b710c2e28
da26b747a82a0c1d39ef79a760bf6b53749fc08b8bbefc93379d46d6fd4a7b74
db0b1a9052dca0df2f5d3f3e1d40e383dda4d7aa188525d8188e1d3075f25b59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e464e649382f0b340febadd96d0c42649146f337a20c13b01d6f0fab6a38bd2c
e7fb47db645b6f6c3884e59b8ecd1a3206478e9a27b849d6804e9131f3a710d7
f79ac9928f4fdc7cb758e936ee5ff677223e62a0146ec993ce694ac861ec34c2
f7a83e3642ca11fbaae82bbcd5a94836701d77479d6580af10a578f2ee17a91f