auth.bankofkarditsa.com Open in urlscan Pro
20.107.75.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.bankofkarditsa.com/
Submission: On July 17 via automatic, source certstream-suspicious (July 17th 2024, 9:10:10 am UTC) — Scanned from NL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 20.107.75.56, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.bankofkarditsa.com.
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.

This is the only time auth.bankofkarditsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	20.107.75.56 20.107.75.56		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	1

9 20.107.75.56 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

auth.bankofkarditsa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	bankofkarditsa.com auth.bankofkarditsa.com	472 KB
9	1

	Domain	Requested by
9	auth.bankofkarditsa.com	auth.bankofkarditsa.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid
auth.bankofkarditsa.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.bankofkarditsa.com/
Frame ID: 38D91A7F76EE236CBD51D9B224747CB7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identity Provider

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

472 kB
Transfer

471 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
auth.bankofkarditsa.com/ 2 KB
2 KB 85ms
18ms Document
text/html 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bankofkarditsa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b002dfb897d2f2065eb9d99f7649154a65988611a8e3b2fb1932f094fb2a92e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
content-type: text/html; charset=utf-8
date: Wed, 17 Jul 2024 09:10:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: Microsoft-IIS/10.0
x-content-security-policy: default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 bootstrap.css
auth.bankofkarditsa.com/lib/bootstrap/css/ 146 KB
146 KB 39ms
38ms Stylesheet
text/css 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bankofkarditsa.com/lib/bootstrap/css/bootstrap.css
Requested by: Host: auth.bankofkarditsa.com
URL: https://auth.bankofkarditsa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d7bbfd9fe8f2f72d13af85f8ac952954a33bdf5121150bed4b94a828a9b9da0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Wed, 20 Mar 2024 11:16:13 GMT
server: Microsoft-IIS/10.0
etag: "1da7ab804923b60"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 149472

GET
H2 200 site.css
auth.bankofkarditsa.com/css/ 4 KB
4 KB 51ms
50ms Stylesheet
text/css 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bankofkarditsa.com/css/site.css
Requested by: Host: auth.bankofkarditsa.com
URL: https://auth.bankofkarditsa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 128fcf04241db99cba76e7c588f733ca83ca3be227137913170e095d53574761

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Mon, 08 Jul 2024 06:44:43 GMT
server: Microsoft-IIS/10.0
etag: "1dad10250683195"
x-powered-by: ASP.NET
content-type: text/css
accept-ranges: bytes
content-length: 3605

GET
H2 200 uk.svg
auth.bankofkarditsa.com/ 3 KB
3 KB 87ms
87ms Image
image/svg+xml 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.bankofkarditsa.com/uk.svg
Requested by: Host: auth.bankofkarditsa.com
URL: https://auth.bankofkarditsa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1a55a5ced0b629a0bdc966b76b6cd4348cf7dc75a04a91ccc63900bea8cdbcf6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Wed, 20 Mar 2024 11:16:13 GMT
server: Microsoft-IIS/10.0
etag: "1da7ab8049076a7"
x-powered-by: ASP.NET
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2599

GET
H2 200 bank_tr_icon.png
auth.bankofkarditsa.com/ 7 KB
7 KB 51ms
50ms Image
image/png 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.bankofkarditsa.com/bank_tr_icon.png
Requested by: Host: auth.bankofkarditsa.com
URL: https://auth.bankofkarditsa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 48ef7421e1b2f4847a08503b42c04035e0bd3de92ccb0173d592335384ee7e3d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Thu, 04 Jul 2024 10:30:33 GMT
server: Microsoft-IIS/10.0
etag: "1dacdfd332f37e1"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 7521

GET
H2 200 jquery.js Show response
auth.bankofkarditsa.com/lib/jquery/ 242 KB
242 KB 24ms
23ms Script
application/javascript 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bankofkarditsa.com/lib/jquery/jquery.js
Requested by: Host: auth.bankofkarditsa.com
URL: https://auth.bankofkarditsa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Wed, 20 Mar 2024 11:16:13 GMT
server: Microsoft-IIS/10.0
etag: "1da7ab80493bbad"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 247597

GET
H2 200 bootstrap.js Show response
auth.bankofkarditsa.com/lib/bootstrap/js/ 67 KB
67 KB 66ms
66ms Script
application/javascript 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bankofkarditsa.com/lib/bootstrap/js/bootstrap.js
Requested by: Host: auth.bankofkarditsa.com
URL: https://auth.bankofkarditsa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Wed, 20 Mar 2024 11:16:13 GMT
server: Microsoft-IIS/10.0
etag: "1da7ab80491719a"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 68890

GET
H2 200 bank_favicon.png
auth.bankofkarditsa.com/ 483 B
585 B 16ms
16ms Other
image/png 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bankofkarditsa.com/bank_favicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4afe17f7e771cfa6efc7e77888787a0535c936f6e5102d7e618d5e801a0eab99

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Wed, 10 Feb 2021 07:20:23 GMT
server: Microsoft-IIS/10.0
etag: "1d6ff7d32115463"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 483

GET
H2 200 bank_favicon.png
auth.bankofkarditsa.com/ 483 B
0 0ms
0ms Other
image/png 20.107.75.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bankofkarditsa.com/bank_favicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.107.75.56 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4afe17f7e771cfa6efc7e77888787a0535c936f6e5102d7e618d5e801a0eab99

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 09:10:05 GMT
last-modified: Wed, 10 Feb 2021 07:20:23 GMT
server: Microsoft-IIS/10.0
etag: "1d6ff7d32115463"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 483

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://auth.bankofkarditsa.com/ Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://auth.bankofkarditsa.com/(Line 16) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Izhm/m7C06vZXo+MP/8wXB4ZzmXqw/XvTu9WvKm/VKk='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://auth.bankofkarditsa.com/(Line 28) Message: Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-7uP4UMn0lzlm+J1RYqmY7+9oGVF+O/z16924/Q7zptE='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Security-Policy	default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.bankofkarditsa.com
20.107.75.56
128fcf04241db99cba76e7c588f733ca83ca3be227137913170e095d53574761
1a55a5ced0b629a0bdc966b76b6cd4348cf7dc75a04a91ccc63900bea8cdbcf6
48ef7421e1b2f4847a08503b42c04035e0bd3de92ccb0173d592335384ee7e3d
4afe17f7e771cfa6efc7e77888787a0535c936f6e5102d7e618d5e801a0eab99
8d7bbfd9fe8f2f72d13af85f8ac952954a33bdf5121150bed4b94a828a9b9da0
b002dfb897d2f2065eb9d99f7649154a65988611a8e3b2fb1932f094fb2a92e6
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

auth.bankofkarditsa.com Open in urlscan Pro 20.107.75.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

472 kBTransfer

471 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

auth.bankofkarditsa.com Open in urlscan Pro
20.107.75.56 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

472 kB
Transfer

471 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions