agstsayisfrdksndkzz8.online Open in urlscan Pro
2a02:4780:27:1113:0:d4d:e730:e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://agstsayisfrdksndkzz8.online/
Submission: On August 15 via api (August 15th 2023, 4:27:52 am UTC) from TR — Scanned from FR

Summary HTTP 28 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2a02:4780:27:1113:0:d4d:e730:e, located in Paris, France and belongs to AS-HOSTINGER, CY. The main domain is agstsayisfrdksndkzz8.online.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 14th 2023. Valid for: 3 months.

This is the only time agstsayisfrdksndkzz8.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Denizbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
17	2a02:4780:27:... 2a02:4780:27:1113:0:d4d:e730:e	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
9	195.85.255.15 195.85.255.15	29434 (DENIZBANK) (DENIZBANK)
28	4

17 2a02:4780:27:1113:0:d4d:e730:e (Paris, France)

ASN47583 (AS-HOSTINGER, CY)

agstsayisfrdksndkzz8.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.85.255.15 (Turkey)

ASN29434 (DENIZBANK, TR)

acikdeniz.denizbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	agstsayisfrdksndkzz8.online agstsayisfrdksndkzz8.online	463 KB
9	denizbank.com acikdeniz.denizbank.com	791 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 752	82 KB
0	analyticsb2c.com Failed analyticsb2c.com Failed
28	4

	Domain	Requested by
17	agstsayisfrdksndkzz8.online	agstsayisfrdksndkzz8.online
9	acikdeniz.denizbank.com	agstsayisfrdksndkzz8.online acikdeniz.denizbank.com
1	code.jquery.com	agstsayisfrdksndkzz8.online
0	analyticsb2c.com Failed	agstsayisfrdksndkzz8.online
28	4

This site contains links to these domains. Also see Links.

Domain
www.denizbank.com

Subject Issuer	Validity	Valid
agstsayisfrdksndkzz8.online ZeroSSL RSA Domain Secure Site CA	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
acikdeniz.denizbank.com GeoTrust RSA CA 2018	`2023-01-31` - `2024-02-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://agstsayisfrdksndkzz8.online/
Frame ID: E904E7EEC3CAEBE1A4D7445BE568C4B0
Requests: 27 HTTP requests in this frame

Frame: https://analyticsb2c.com/id.html
Frame ID: FC4A4166B7BAFB0DD699773365899627
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DenizBank İnternet Bankacılığı

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1336 kB
Transfer

2573 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.denizbank.com/dijital-bankacilik/guvenlik
Title: İnternet Güvenliği

Search URL Search Domain Scan URL

URL: https://www.denizbank.com/internet-bankaciligi/
Title: Yardım ve Öneriler

Search URL Search Domain Scan URL

URL: https://www.denizbank.com/dijital-bankacilik/internet-bankaciligi
Title: İşlem Limitleri ve Saatleri

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
agstsayisfrdksndkzz8.online/ 20 KB
7 KB 61ms
19ms Document
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://agstsayisfrdksndkzz8.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.21

Resource Hash

02f1d4286f43ed9353d086136838a6c9523a8904dfd515b18c55bfd8fe4a7109

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 7320
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 04:27:45 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.21

GET
H2 200 jquery-3.7.0.js Show response
code.jquery.com/ 278 KB
82 KB 65ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.0.js
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 265a924c42de4784cba8fd0e1bd77133bc833ea5f5a31fc77e08922c18fcfa43

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:45 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-45944"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1692073665.cdn4-pxy022-cdg02.pa1.evs,1692073665.cds229.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 83531

GET
H/1.1 200
OK ruxitagentjs_ICA2NVfgjqru_10245220704125537.js Show response
acikdeniz.denizbank.com// 211 KB
109 KB 266ms
67ms Script
text/javascript 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com//ruxitagentjs_ICA2NVfgjqru_10245220704125537.js

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

f18a8bbce382f81e56cd11393de3941fa648052613df58c728fe61aff4d86d53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:45 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: unsafe-none
Referrer-Policy: same-origin
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Cross-Origin-Opener-Policy: unsafe-none
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: none
Expires: Wed, 14 Aug 2024 04:27:45 GMT

GET
H2 404 Appsettings.json Show response
agstsayisfrdksndkzz8.online/ 2 KB
1 KB 19ms
18ms XHR
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://agstsayisfrdksndkzz8.online/Appsettings.json
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H/1.1 200
OK analytics.js Show response
acikdeniz.denizbank.com/_assets/js/ 451 KB
190 KB 65ms
65ms Script
application/javascript 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/_assets/js/analytics.js

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

13321456b9bb788f8c1f771aef526258ff6da4d4dc1ca9ac246b9dfec0b63816

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:45 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1080247580"
Referrer-Policy: same-origin
Last-Modified: Thu, 10 Aug 2023 16:14:36 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "03e77c1a5cbd91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none

GET
H/1.1 200
OK gib.js Show response
acikdeniz.denizbank.com/_assets/js/ 308 KB
153 KB 197ms
69ms Script
application/javascript 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/_assets/js/gib.js

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

ceb5505cc0e8e5be105fe6c1393d6f28917dd2f857eb1a7758127d35272752f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:45 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-245995512"
Referrer-Policy: same-origin
Last-Modified: Thu, 10 Aug 2023 16:14:36 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "03e77c1a5cbd91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none

GET
H/1.1 200
OK styles.c8e474e722a64ef7e433.css
acikdeniz.denizbank.com/ 695 KB
174 KB 198ms
70ms Stylesheet
text/css 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

31bf54fc019ea2830e78d3c152459b6d29872b478c9ae7a41823a2472cbd7a12

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:46 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1004233839"
Referrer-Policy: same-origin
Last-Modified: Tue, 11 Jul 2023 15:34:24 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0c0682bdb4d91:0"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none

GET
H2 404 loading.gif
agstsayisfrdksndkzz8.online/_assets/img/ 2 KB
2 KB 20ms
17ms Image
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agstsayisfrdksndkzz8.online/_assets/img/loading.gif
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 denizbanklogo.png
agstsayisfrdksndkzz8.online/img/ 73 KB
73 KB 21ms
17ms Image
image/png 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agstsayisfrdksndkzz8.online/img/denizbanklogo.png

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

80e0f361c8d7280cf50c5e50988f262c8e1f6b787bf863ca62d14d049c1d90f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Aug 2023 15:36:39 GMT
server: LiteSpeed
etag: "12373-64da4a07-f678afc4ce50555a;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 74611
expires: Tue, 22 Aug 2023 04:27:46 GMT

GET
H2 404 world.svg
agstsayisfrdksndkzz8.online/_assets/img/ 2 KB
2 KB 42ms
38ms Image
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agstsayisfrdksndkzz8.online/_assets/img/world.svg
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 qrPhoto.jpg
agstsayisfrdksndkzz8.online/img/ 12 KB
12 KB 41ms
38ms Image
image/jpeg 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agstsayisfrdksndkzz8.online/img/qrPhoto.jpg

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cf33092752054c7e93201ebd484c7e47a194635120a46cc3786b4107195edf1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Aug 2023 15:36:39 GMT
server: LiteSpeed
etag: "2e8c-64da4a07-bda420a98cf302fc;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 11916
expires: Tue, 22 Aug 2023 04:27:46 GMT

GET
H2 404 denizbank-mobile.jpg
agstsayisfrdksndkzz8.online/_assets/img/ 2 KB
2 KB 39ms
36ms Image
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agstsayisfrdksndkzz8.online/_assets/img/denizbank-mobile.jpg
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 login-footer-logo.svg
agstsayisfrdksndkzz8.online/_assets/img/login/ 2 KB
2 KB 38ms
35ms Image
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agstsayisfrdksndkzz8.online/_assets/img/login/login-footer-logo.svg
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 enbd.png
agstsayisfrdksndkzz8.online/img/ 4 KB
4 KB 40ms
38ms Image
image/png 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agstsayisfrdksndkzz8.online/img/enbd.png

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Aug 2023 15:36:39 GMT
server: LiteSpeed
etag: "ede-64da4a07-580a13d859e6ad64;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3806
expires: Tue, 22 Aug 2023 04:27:46 GMT

GET
H2 404 runtime.508f31dd75eaa0d280cb.js
agstsayisfrdksndkzz8.online/ 0
0 38ms
36ms Script
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://agstsayisfrdksndkzz8.online/runtime.508f31dd75eaa0d280cb.js
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 polyfills.6a09f8ee338329e0c30e.js
agstsayisfrdksndkzz8.online/ 0
0 39ms
36ms Script
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://agstsayisfrdksndkzz8.online/polyfills.6a09f8ee338329e0c30e.js
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 scripts.86cdef26bb2352a2877b.js
agstsayisfrdksndkzz8.online/ 0
0 39ms
37ms Script
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://agstsayisfrdksndkzz8.online/scripts.86cdef26bb2352a2877b.js
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 vendor.01a40475ece1de2c5a39.js
agstsayisfrdksndkzz8.online/ 0
0 39ms
37ms Script
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://agstsayisfrdksndkzz8.online/vendor.01a40475ece1de2c5a39.js
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 main.6b7f13a05293e7a9970a.js
agstsayisfrdksndkzz8.online/ 0
0 39ms
37ms Script
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://agstsayisfrdksndkzz8.online/main.6b7f13a05293e7a9970a.js
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 summer.jpg
agstsayisfrdksndkzz8.online/_assets/img/bg/ 351 KB
351 KB 33ms
33ms Image
image/jpeg 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://agstsayisfrdksndkzz8.online/_assets/img/bg/summer.jpg

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4ddc3efda8ec5711a176a8c8e9e34cdefa4f8ca43deeaa98e1324a0385e5adad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 14 Aug 2023 15:36:39 GMT
server: LiteSpeed
etag: "57ccf-64da4a07-6386939e2b3ea607;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 359631
expires: Tue, 22 Aug 2023 04:27:46 GMT

GET
H2 404 summer.jpg
agstsayisfrdksndkzz8.online/_assets/img/login/bg/ 2 KB
2 KB 36ms
35ms Image
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agstsayisfrdksndkzz8.online/_assets/img/login/bg/summer.jpg
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET id.html
analyticsb2c.com/ Frame FC4A 0
0

GET
H/1.1 200
OK icomoon.bab6aa30f8aa54e8db35.ttf
acikdeniz.denizbank.com/assets/ 106 KB
109 KB 262ms
69ms Font
application/octet-stream 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/icomoon.bab6aa30f8aa54e8db35.ttf?fa50ap

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

9bb4dfd3eebabec19fe5a5e736d088bd71e6805f1bbdc5621e639e32d47a08bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css
Origin: https://agstsayisfrdksndkzz8.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:46 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="86657569", dtTao;desc="1"
Content-Length: 108804
Referrer-Policy: same-origin
Last-Modified: Tue, 11 Jul 2023 15:34:23 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0c0682bdb4d91:0:dtagent102452207041255378ZpJ"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Timing-Allow-Origin: *

GET
H/1.1 200
OK opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
acikdeniz.denizbank.com/assets/ 12 KB
15 KB 260ms
67ms Font
application/font-woff2 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

be3979aa66ab98b74f4c323b1c194cba444de65913e489d5786e0c7fd8f310c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css
Origin: https://agstsayisfrdksndkzz8.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:46 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1937124957", dtTao;desc="1"
Content-Length: 12552
Referrer-Policy: same-origin
Last-Modified: Thu, 10 Aug 2023 16:14:35 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "03e77c1a5cbd91:0:dtagent102452207041255378ZpJ"
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Timing-Allow-Origin: *

GET
H/1.1 200
OK opensans-bold-webfont.7b013a3110831768093f.woff2
acikdeniz.denizbank.com/assets/ 12 KB
15 KB 257ms
65ms Font
application/font-woff2 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/opensans-bold-webfont.7b013a3110831768093f.woff2

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

b582e5e36135cfe697ec9cfbb06ff7407a7d89a9e4a1287cfdd905cc3f9669e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css
Origin: https://agstsayisfrdksndkzz8.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:47 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Content-Length: 12776
Referrer-Policy: same-origin
Last-Modified: Thu, 10 Aug 2023 16:14:36 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "03e77c1a5cbd91:0"
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none

GET
H/1.1 200
OK opensans-semibold-webfont.1045337df148fc781940.woff2
acikdeniz.denizbank.com/assets/ 12 KB
15 KB 260ms
68ms Font
application/font-woff2 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/opensans-semibold-webfont.1045337df148fc781940.woff2

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

a085c2f1e7df8cdded779fa68b0ce2e0d31d3352ed8d8238cb540f35fa20cf0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://acikdeniz.denizbank.com/styles.c8e474e722a64ef7e433.css
Origin: https://agstsayisfrdksndkzz8.online
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:46 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="451374102", dtTao;desc="1"
Content-Length: 12676
Referrer-Policy: same-origin
Last-Modified: Thu, 10 Aug 2023 16:14:35 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "03e77c1a5cbd91:0:dtagent102452207041255378ZpJ"
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Timing-Allow-Origin: *

GET
H3 404 summer.jpg
agstsayisfrdksndkzz8.online/_assets/img/login/bg/ 2 KB
2 KB 19ms
18ms Image
text/html 2a02:4780:27:1113:0:d4d:e730:e
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agstsayisfrdksndkzz8.online/_assets/img/login/bg/summer.jpg
Requested by: Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a02:4780:27:1113:0:d4d:e730:e Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:27:46 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 16:34:54 GMT
server: LiteSpeed
etag: "999-64aed62e-c30b5008ff2b3049;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 912

GET
H/1.1 200
OK tum-islemler-bg.776505492273e7689796.png
acikdeniz.denizbank.com/assets/ 10 KB
13 KB 65ms
64ms Image
image/png 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/assets/tum-islemler-bg.776505492273e7689796.png

Requested by

Host: agstsayisfrdksndkzz8.online
URL: https://agstsayisfrdksndkzz8.online/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 , Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

ab00da8f7172162defcd9366c213dcfe91f79307b5d96b92d12308e0201a67c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://agstsayisfrdksndkzz8.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Tue, 15 Aug 2023 04:27:46 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Content-Length: 10362
Referrer-Policy: same-origin
Last-Modified: Thu, 10 Aug 2023 16:14:36 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "03e77c1a5cbd91:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analyticsb2c.com
URL: https://analyticsb2c.com/id.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Denizbank (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D81_sn_72DASHEH3RT9A3269GCS2PJH6EI895NH
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: rxVisitor Value: 1692073666155KP4R3GIR3F5U0S9JT5A657GTFUG318PQ
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: dtPC Value: -81$73666152_157h1vVNMCFLJGAALABORJMQCBQUSWFFMHLHEI-0e0
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: dtLatC Value: 22
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: dtSa Value: -
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: rxvt Value: 1692075466164\|1692073666156
.agstsayisfrdksndkzz8.online/	1970-01-20 23:37:13	Name: _cls_v Value: 95a6cd15-daa7-4f9e-ac73-48aaa601bbec
.agstsayisfrdksndkzz8.online/	1969-12-31 23:59:59	Name: _cls_s Value: cde862c2-e4b8-460f-a582-a63a4856d847:0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://agstsayisfrdksndkzz8.online/(Line 114) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/_assets/img/loading.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/_assets/img/login/login-footer-logo.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/_assets/img/denizbank-mobile.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/runtime.508f31dd75eaa0d280cb.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/polyfills.6a09f8ee338329e0c30e.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/scripts.86cdef26bb2352a2877b.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/vendor.01a40475ece1de2c5a39.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/main.6b7f13a05293e7a9970a.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/_assets/img/login/bg/summer.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://agstsayisfrdksndkzz8.online/_assets/img/world.svg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://agstsayisfrdksndkzz8.online/ Message: Subresource Integrity: The resource 'https://acikdeniz.denizbank.com/_assets/js/gib.js' has an integrity attribute, but the resource requires the request to be CORS enabled to check the integrity, and it is not. The resource has been blocked because the integrity cannot be enforced.
network	error	URL: https://agstsayisfrdksndkzz8.online/_assets/img/login/bg/summer.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://acikdeniz.denizbank.com/_assets/js/analytics.js(Line 54) Message: Refused to create a worker from 'blob:https://agstsayisfrdksndkzz8.online/cdb9db9c-43a6-489e-ba95-e461e7a3e7ce' because it violates the following Content Security Policy directive: "child-src 'self' .denizbank.com .netmera-web.com analyticsb2c.com data: *.youtube.com". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acikdeniz.denizbank.com
agstsayisfrdksndkzz8.online
analyticsb2c.com
code.jquery.com
analyticsb2c.com
195.85.255.15
2001:4de0:ac18::1:a:1b
2a02:4780:27:1113:0:d4d:e730:e
02f1d4286f43ed9353d086136838a6c9523a8904dfd515b18c55bfd8fe4a7109
13321456b9bb788f8c1f771aef526258ff6da4d4dc1ca9ac246b9dfec0b63816
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
265a924c42de4784cba8fd0e1bd77133bc833ea5f5a31fc77e08922c18fcfa43
31bf54fc019ea2830e78d3c152459b6d29872b478c9ae7a41823a2472cbd7a12
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
4ddc3efda8ec5711a176a8c8e9e34cdefa4f8ca43deeaa98e1324a0385e5adad
80e0f361c8d7280cf50c5e50988f262c8e1f6b787bf863ca62d14d049c1d90f3
9bb4dfd3eebabec19fe5a5e736d088bd71e6805f1bbdc5621e639e32d47a08bd
a085c2f1e7df8cdded779fa68b0ce2e0d31d3352ed8d8238cb540f35fa20cf0d
ab00da8f7172162defcd9366c213dcfe91f79307b5d96b92d12308e0201a67c1
b582e5e36135cfe697ec9cfbb06ff7407a7d89a9e4a1287cfdd905cc3f9669e5
be3979aa66ab98b74f4c323b1c194cba444de65913e489d5786e0c7fd8f310c0
ceb5505cc0e8e5be105fe6c1393d6f28917dd2f857eb1a7758127d35272752f6
cf33092752054c7e93201ebd484c7e47a194635120a46cc3786b4107195edf1e
f18a8bbce382f81e56cd11393de3941fa648052613df58c728fe61aff4d86d53

agstsayisfrdksndkzz8.online Open in urlscan Pro 2a02:4780:27:1113:0:d4d:e730:e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1336 kBTransfer

2573 kBSize

8 Cookies

3 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

agstsayisfrdksndkzz8.online Open in urlscan Pro
2a02:4780:27:1113:0:d4d:e730:e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1336 kB
Transfer

2573 kB
Size

8
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!