agstsayisfrdksndkzz8.online
Open in
urlscan Pro
2a02:4780:27:1113:0:d4d:e730:e
Malicious Activity!
Public Scan
Submission: On August 15 via api from TR — Scanned from FR
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 14th 2023. Valid for: 3 months.
This is the only time agstsayisfrdksndkzz8.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Denizbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2a02:4780:27:... 2a02:4780:27:1113:0:d4d:e730:e | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
9 | 195.85.255.15 195.85.255.15 | 29434 (DENIZBANK) (DENIZBANK) | |
28 | 4 |
ASN47583 (AS-HOSTINGER, CY)
agstsayisfrdksndkzz8.online |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
agstsayisfrdksndkzz8.online
agstsayisfrdksndkzz8.online |
463 KB |
9 |
denizbank.com
acikdeniz.denizbank.com |
791 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 752 |
82 KB |
0 |
analyticsb2c.com
Failed
analyticsb2c.com Failed |
|
28 | 4 |
Domain | Requested by | |
---|---|---|
17 | agstsayisfrdksndkzz8.online |
agstsayisfrdksndkzz8.online
|
9 | acikdeniz.denizbank.com |
agstsayisfrdksndkzz8.online
acikdeniz.denizbank.com |
1 | code.jquery.com |
agstsayisfrdksndkzz8.online
|
0 | analyticsb2c.com Failed |
agstsayisfrdksndkzz8.online
|
28 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.denizbank.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
agstsayisfrdksndkzz8.online ZeroSSL RSA Domain Secure Site CA |
2023-08-14 - 2023-11-12 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
acikdeniz.denizbank.com GeoTrust RSA CA 2018 |
2023-01-31 - 2024-02-07 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://agstsayisfrdksndkzz8.online/
Frame ID: E904E7EEC3CAEBE1A4D7445BE568C4B0
Requests: 27 HTTP requests in this frame
Frame:
https://analyticsb2c.com/id.html
Frame ID: FC4A4166B7BAFB0DD699773365899627
Requests: 1 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: İnternet Güvenliği
Search URL Search Domain Scan URL
Title: Yardım ve Öneriler
Search URL Search Domain Scan URL
Title: İşlem Limitleri ve Saatleri
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
agstsayisfrdksndkzz8.online/ |
20 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.0.js
code.jquery.com/ |
278 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ruxitagentjs_ICA2NVfgjqru_10245220704125537.js
acikdeniz.denizbank.com// |
211 KB 109 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Appsettings.json
agstsayisfrdksndkzz8.online/ |
2 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
acikdeniz.denizbank.com/_assets/js/ |
451 KB 190 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gib.js
acikdeniz.denizbank.com/_assets/js/ |
308 KB 153 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.c8e474e722a64ef7e433.css
acikdeniz.denizbank.com/ |
695 KB 174 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
agstsayisfrdksndkzz8.online/_assets/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
denizbanklogo.png
agstsayisfrdksndkzz8.online/img/ |
73 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
world.svg
agstsayisfrdksndkzz8.online/_assets/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qrPhoto.jpg
agstsayisfrdksndkzz8.online/img/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
denizbank-mobile.jpg
agstsayisfrdksndkzz8.online/_assets/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-footer-logo.svg
agstsayisfrdksndkzz8.online/_assets/img/login/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enbd.png
agstsayisfrdksndkzz8.online/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.508f31dd75eaa0d280cb.js
agstsayisfrdksndkzz8.online/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.6a09f8ee338329e0c30e.js
agstsayisfrdksndkzz8.online/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.86cdef26bb2352a2877b.js
agstsayisfrdksndkzz8.online/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.01a40475ece1de2c5a39.js
agstsayisfrdksndkzz8.online/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6b7f13a05293e7a9970a.js
agstsayisfrdksndkzz8.online/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
summer.jpg
agstsayisfrdksndkzz8.online/_assets/img/bg/ |
351 KB 351 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
summer.jpg
agstsayisfrdksndkzz8.online/_assets/img/login/bg/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
id.html
analyticsb2c.com/ Frame FC4A |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.bab6aa30f8aa54e8db35.ttf
acikdeniz.denizbank.com/assets/ |
106 KB 109 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
acikdeniz.denizbank.com/assets/ |
12 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-bold-webfont.7b013a3110831768093f.woff2
acikdeniz.denizbank.com/assets/ |
12 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
opensans-semibold-webfont.1045337df148fc781940.woff2
acikdeniz.denizbank.com/assets/ |
12 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
summer.jpg
agstsayisfrdksndkzz8.online/_assets/img/login/bg/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tum-islemler-bg.776505492273e7689796.png
acikdeniz.denizbank.com/assets/ |
10 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- analyticsb2c.com
- URL
- https://analyticsb2c.com/id.html
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Denizbank (Banking)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| $ function| jQuery object| dT_ object| dtrum object| netmera string| path object| xmlhttp string| versionInfo object| _cls_config object| _detector object| webVitals object| convertize boolean| eventLimitExceeded string| eventToEmit8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.agstsayisfrdksndkzz8.online/ | Name: dtCookie Value: v_4_srv_-2D81_sn_72DASHEH3RT9A3269GCS2PJH6EI895NH |
|
.agstsayisfrdksndkzz8.online/ | Name: rxVisitor Value: 1692073666155KP4R3GIR3F5U0S9JT5A657GTFUG318PQ |
|
.agstsayisfrdksndkzz8.online/ | Name: dtPC Value: -81$73666152_157h1vVNMCFLJGAALABORJMQCBQUSWFFMHLHEI-0e0 |
|
.agstsayisfrdksndkzz8.online/ | Name: dtLatC Value: 22 |
|
.agstsayisfrdksndkzz8.online/ | Name: dtSa Value: - |
|
.agstsayisfrdksndkzz8.online/ | Name: rxvt Value: 1692075466164|1692073666156 |
|
.agstsayisfrdksndkzz8.online/ | Name: _cls_v Value: 95a6cd15-daa7-4f9e-ac73-48aaa601bbec |
|
.agstsayisfrdksndkzz8.online/ | Name: _cls_s Value: cde862c2-e4b8-460f-a582-a63a4856d847:0 |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acikdeniz.denizbank.com
agstsayisfrdksndkzz8.online
analyticsb2c.com
code.jquery.com
analyticsb2c.com
195.85.255.15
2001:4de0:ac18::1:a:1b
2a02:4780:27:1113:0:d4d:e730:e
02f1d4286f43ed9353d086136838a6c9523a8904dfd515b18c55bfd8fe4a7109
13321456b9bb788f8c1f771aef526258ff6da4d4dc1ca9ac246b9dfec0b63816
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
265a924c42de4784cba8fd0e1bd77133bc833ea5f5a31fc77e08922c18fcfa43
31bf54fc019ea2830e78d3c152459b6d29872b478c9ae7a41823a2472cbd7a12
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
4ddc3efda8ec5711a176a8c8e9e34cdefa4f8ca43deeaa98e1324a0385e5adad
80e0f361c8d7280cf50c5e50988f262c8e1f6b787bf863ca62d14d049c1d90f3
9bb4dfd3eebabec19fe5a5e736d088bd71e6805f1bbdc5621e639e32d47a08bd
a085c2f1e7df8cdded779fa68b0ce2e0d31d3352ed8d8238cb540f35fa20cf0d
ab00da8f7172162defcd9366c213dcfe91f79307b5d96b92d12308e0201a67c1
b582e5e36135cfe697ec9cfbb06ff7407a7d89a9e4a1287cfdd905cc3f9669e5
be3979aa66ab98b74f4c323b1c194cba444de65913e489d5786e0c7fd8f310c0
ceb5505cc0e8e5be105fe6c1393d6f28917dd2f857eb1a7758127d35272752f6
cf33092752054c7e93201ebd484c7e47a194635120a46cc3786b4107195edf1e
f18a8bbce382f81e56cd11393de3941fa648052613df58c728fe61aff4d86d53