urlscan.io logo urlscan.io
SecurityTrails logo

cbonline.cihanbank.com Open in urlscan Pro
31.25.137.138  Public Scan

Go To Rescan Add Verdict Report
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Submission: On May 17 via manual from IQ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 31.25.137.138, located in Erbil, Iraq and belongs to TARIN, IQ. The main domain is cbonline.cihanbank.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 18th 2022. Valid for: a year.
This is the only time cbonline.cihanbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 31.25.137.138 197882 (TARIN)
3 35.229.79.40 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a03:2880:f08... 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2a03:2880:f08... 32934 (FACEBOOK)
34 9
21    31.25.137.138 (Erbil, Iraq)

ASN197882 (TARIN, IQ)
PTR: 31.25.137.138.tarinnet.info
cbonline.cihanbank.com
3    35.229.79.40 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.79.229.35.bc.googleusercontent.com
dashboard.chatfuel.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6812:7361 (United States)

ASN13335 (CLOUDFLARENET, US)
icanhazip.com
2    2606:4700:20::ac43:491c (United States)

ASN13335 (CLOUDFLARENET, US)
www.iplocate.io
1    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a03:2880:f084:a:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
socialplugin.facebook.net
Apex Domain
Subdomains		 Transfer
21 cihanbank.com
cbonline.cihanbank.com
2 MB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 KB
3 chatfuel.com
dashboard.chatfuel.com — Cisco Umbrella Rank: 351950
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
socialplugin.facebook.net — Cisco Umbrella Rank: 13358
92 KB
2 iplocate.io
www.iplocate.io — Cisco Umbrella Rank: 203429
2 KB
2 icanhazip.com
icanhazip.com — Cisco Umbrella Rank: 7775
687 B
1 gstatic.com
fonts.gstatic.com
14 KB
34 7
Domain Requested by
21 cbonline.cihanbank.com 1 redirects cbonline.cihanbank.com
4 www.facebook.com connect.facebook.net
3 dashboard.chatfuel.com cbonline.cihanbank.com
dashboard.chatfuel.com
2 www.iplocate.io cbonline.cihanbank.com
2 icanhazip.com cbonline.cihanbank.com
1 socialplugin.facebook.net connect.facebook.net
1 connect.facebook.net dashboard.chatfuel.com
1 fonts.gstatic.com cbonline.cihanbank.com
34 8

This site contains no links.

Subject Issuer Validity Valid
cbonline.cihanbank.com
DigiCert SHA2 Extended Validation Server CA		 2022-12-18 -
2024-01-18		 a year crt.sh
*.chatfuel.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-04-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-23 -
2023-05-24		 3 months crt.sh
*.socialplugin.facebook.net
DigiCert SHA2 High Assurance Server CA		 2023-02-23 -
2023-05-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cbonline.cihanbank.com/iBanking/Authentication/index
Frame ID: 4CC37342DF99D1146D88C15A8FE43FAE
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cihan Bank

Page URL History Show full URLs

  1. https://cbonline.cihanbank.com/iBanking/Authentication/index HTTP 302
    https://cbonline.cihanbank.com/iBanking/Authentication/index Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2144 kB
Transfer

2382 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cbonline.cihanbank.com/iBanking/Authentication/index HTTP 302
    https://cbonline.cihanbank.com/iBanking/Authentication/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index
cbonline.cihanbank.com/iBanking/Authentication/
Redirect Chain
  • https://cbonline.cihanbank.com/iBanking/Authentication/index
  • https://cbonline.cihanbank.com/iBanking/Authentication/index
59 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
f1c7ccb32963950229db7ad223b9ea22b6c0c8dddd3a744bb9e0ea6d0ca436ba
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Length
59958
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 09:05:28 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=7776000
X-AspNet-Version
XXXXXXXXXX
X-AspNetMvc-Version
5.2
X-Powered-By
XXXXXXXX

Redirect headers

Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Date
Wed, 17 May 2023 09:05:28 GMT
Expires
-1
Location
/iBanking/Authentication/index
Pragma
no-cache
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=7776000
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
content-length
147
fonts.googleapis.css
cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/CSS/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/CSS/fonts.googleapis.css
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
953b0100c295ff596e6908006d7c2ea5cc6b7fb717ae30278520475b50f78f53
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:18 GMT
Server
Microsoft-IIS/10.0
ETag
"a9fd31534a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
2511
MainJquery
cbonline.cihanbank.com/iBanking/Assets/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
6f1e1a8493f140c0a79ea165e124e001a3788dde5ef4f131b70ac026ea0d276b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
97128
Expires
-1
LoginGlobalCSS
cbonline.cihanbank.com/iBanking/Assets/ 		793 KB
793 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/LoginGlobalCSS?v=RVy0pD_UL8GBfCf6TdKzo1mNsV1rVZY7KCL0jfGnSa41
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
b51e8456f03bdcf586022210fba2383fb2e02f70f0d433a39cfd97993f74b10a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
811995
Expires
-1
LoginPageCSS
cbonline.cihanbank.com/iBanking/Assets/ 		65 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/LoginPageCSS?v=lBZVH0uu6sUQOsZoLWvsEzZvCjLMmxIHIvdPUX8KwPw1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
c9f785913bc4ac101015f6b0d909543439b8b6b409d7d3af2235b86c6c78a5b7
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
66692
Expires
-1
Login2CustomCss
cbonline.cihanbank.com/iBanking/Assets/ 		12 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Login2CustomCss?v=mss7HesJKTNNlPt0ddTHtVyaeeoacYk3tNZeATUkf8k1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
c3149bb25d91c727b4d38d67011ddd93cf640b19067ac0dcbbc2a004fc46c6d5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
12001
Expires
-1
KeyboardCss
cbonline.cihanbank.com/iBanking/Assets/ 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/KeyboardCss?v=IWyNWaBsV48EspLC94D23osEG6-QDVx-l5xcXK2QTVg1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
21f5055db5bec65042ede8f321f193c84791e0b31208f2bca5a58189fcadf1d8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
10149
Expires
-1
jquery.li-scroller.1.0.js
cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Scripts/jquery.li-scroller.1.0.js
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
f366589b3f5aa598a869fa7f87fe552472d4539dcf89227c18f45ac90fd93934
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:19 GMT
Server
Microsoft-IIS/10.0
ETag
"83fce0534a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1935
li-scroller.css
cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Scripts/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Scripts/li-scroller.css
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
77c0aebe379095ee70493cf306f50e926d2ca2be80c679bf04fc893f1c51dc5b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:19 GMT
Server
Microsoft-IIS/10.0
ETag
"69e9544a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1500
fb-entry-point.js
dashboard.chatfuel.com/integration/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.chatfuel.com/integration/fb-entry-point.js
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.229.79.40 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.79.229.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
b500ad598377a7c0904f0f901e3ae9282dcc58e0d6d02a21e4a280e06be5197f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:05:30 GMT
content-encoding
gzip
last-modified
Fri, 12 May 2023 09:52:49 GMT
server
nginx/1.17.3
etag
W/"645e0c71-6438"
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Fri, 16 Jun 2023 09:05:30 GMT
Logo@2x.png
cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Images/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Images/Logo@2x.png
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
b2a52fb3711b1dc7b172fbcdcdf0a123676deaf39ae3fb2916833d6d28024359
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:19 GMT
Server
Microsoft-IIS/10.0
ETag
"5110cb534a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
49011
aes.js
cbonline.cihanbank.com/iBanking/Assets/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/js/aes.js
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
59455a23321a2e12bab91942c960e678e75d0661b992e5ddaabf96ae3289b9b6
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:25 GMT
Server
Microsoft-IIS/10.0
ETag
"3e5a3d574a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
13948
refresh.png
cbonline.cihanbank.com/iBanking/Assets/Custom/A2A/Images/ 		762 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Custom/A2A/Images/refresh.png
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
07dc3339815d147b95b48adaa77e8c966bf46bc3ce15e9c54daf679c7e49a0bc
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:13 GMT
Server
Microsoft-IIS/10.0
ETag
"78d6fc4f4a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
762
LoginCoreJS
cbonline.cihanbank.com/iBanking/Assets/ 		82 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/LoginCoreJS?v=7_8RTyOoFjImmMcB3BLKwleVf1579v5vZZuQOZtDaQk1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
815a8c95cc9aba09c70ec5fe03a86468e16794e053c77a3af794915e33aa4707
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
83869
Expires
-1
LoginGlobalJS
cbonline.cihanbank.com/iBanking/Assets/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/LoginGlobalJS?v=mbxCmTZbfEWbxBSRR5WGp932gxwo0kPIrmiBnlQNn9A1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
405fd5019ec5816d1e705ea771e91df0c84314f1f8f92f01e01fa57c07b60b1d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
19209
Expires
-1
LoginPageJS
cbonline.cihanbank.com/iBanking/Assets/ 		162 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/LoginPageJS?v=751a_jeDEnvTj19hKUjIRGOvnaeaY0jiIKiQZIOE2u41
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
ca1f9467352585548033dcd294bdaded3d7813754a3519f5ab337a3b2f44d9b5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
165592
Expires
-1
KeyboardJS
cbonline.cihanbank.com/iBanking/Assets/ 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/KeyboardJS?v=f_tJDNFCOkRCAdFW9wZJIWCvOUcps4yA8zo3CIJhIGg1
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Authentication/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
8ec9ae9576d6b7fa8f76b49dcc3cb5344cb1a5a2aa740307386ce3f2b5b5d072
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
57859
Expires
-1
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
886213e77bf6383a26abd93cb0f44d2ef78530db1769b4fd3e8dc47e027aec3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Background2x.png
cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Images/ 		533 KB
533 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/Images/Background2x.png
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/Login2CustomCss?v=mss7HesJKTNNlPt0ddTHtVyaeeoacYk3tNZeATUkf8k1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
746b90abb34337db921712b948d519c59617f5bc460006803597924135aad70b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/iBanking/Assets/Login2CustomCss?v=mss7HesJKTNNlPt0ddTHtVyaeeoacYk3tNZeATUkf8k1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Sat, 11 Mar 2023 18:50:19 GMT
Server
Microsoft-IIS/10.0
ETag
"154b99534a54d91:0"
X-Powered-By
XXXXXXXX
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
545845
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/Custom/Cihan/CSS/fonts.googleapis.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cbonline.cihanbank.com/
Origin
https://cbonline.cihanbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 16:42:22 GMT
x-content-type-options
nosniff
age
318188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14048
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 16:42:22 GMT
fontawesome-webfont.woff2
cbonline.cihanbank.com/iBanking/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/LoginGlobalCSS?v=RVy0pD_UL8GBfCf6TdKzo1mNsV1rVZY7KCL0jfGnSa41
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://cbonline.cihanbank.com/iBanking/Assets/LoginGlobalCSS?v=RVy0pD_UL8GBfCf6TdKzo1mNsV1rVZY7KCL0jfGnSa41
Origin
https://cbonline.cihanbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
Last-Modified
Mon, 13 Mar 2023 09:32:46 GMT
Server
Microsoft-IIS/10.0
ETag
"c83be5c48e55d91:0"
X-Powered-By
XXXXXXXX
Content-Type
application/font-woff2
Accept-Ranges
bytes
Content-Length
64464
/
icanhazip.com/ 		24 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://icanhazip.com/
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6badc906fad632e2dddf4de1f348d38a4b2d06d8da0af7ebcf2d0b2f0350104

Request headers

Accept
*/*
Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:05:30 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
7c8ab2f66ab837f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24
GetContactUs
cbonline.cihanbank.com/iBanking/Common/ 		398 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Common/GetContactUs
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
fe12b475666c2f32be5d3255d4307b06a41fa5318c01d9bab58124e0e2bf72ae
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:31 GMT
Strict-Transport-Security
max-age=7776000
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
398
Expires
-1
GetTermsCondition
cbonline.cihanbank.com/iBanking/Common/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cbonline.cihanbank.com/iBanking/Common/GetTermsCondition
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.25.137.138 Erbil, Iraq, ASN197882 (TARIN, IQ),
Reverse DNS
31.25.137.138.tarinnet.info
Software
Microsoft-IIS/10.0 / XXXXXXXX
Resource Hash
486ace4ac22e35f657da663099fa734a279634294b8a30640b754e53c25dde69
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Referer
https://cbonline.cihanbank.com/iBanking/Authentication/index
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 09:05:29 GMT
Strict-Transport-Security
max-age=7776000
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
XXXXXXXXXX
X-Powered-By
XXXXXXXX
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache, no-store
Content-Length
1239
Expires
-1
/
icanhazip.com/ 		24 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://icanhazip.com/
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6badc906fad632e2dddf4de1f348d38a4b2d06d8da0af7ebcf2d0b2f0350104

Request headers

Accept
*/*
Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:05:30 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
7c8ab2f66aba37f5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24
2001:1b60:2:240:3247::3
www.iplocate.io/api/lookup/ 		383 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.iplocate.io/api/lookup/2001:1b60:2:240:3247::3
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284ef0ee748286ee699cf5ebed73dea7ed187e24a35e66016f26a60ad0f0a774
Security Headers
Name Value
Content-Security-Policy
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:05:30 GMT
content-security-policy
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
9136fd27-75f7-4958-9269-9190e699a54e
x-runtime
0.007945
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"284ef0ee748286ee699cf5ebed73dea7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFAAcnSeuQBiFZ%2FIjAChFG6LziT0QEZQxEDXV%2FchG16%2BryAYdWZx%2Bt%2FjK2dCmfTlA%2Feje7dwLzXnNZG1%2B%2BzFH%2FMj9qmzXW9K%2B3ItoDC%2FXbKXPzaZBK9d%2FgvsLFobHEe4oZetzuqq5CGH2UXnOA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
x-ratelimit-limit, x-ratelimit-reset, x-ratelimit-remaining
x-ratelimit-remaining
49
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
x-ratelimit-reset
2023-05-18 00:00:00 +0000
x-ratelimit-limit
50
cf-ray
7c8ab2f6e91c2bcf-FRA
vary
Origin
x-ratelimit-client-id
2001:1b60:2:240:3247::3
2001:1b60:2:240:3247::3
www.iplocate.io/api/lookup/ 		383 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.iplocate.io/api/lookup/2001:1b60:2:240:3247::3
Requested by
Host: cbonline.cihanbank.com
URL: https://cbonline.cihanbank.com/iBanking/Assets/MainJquery?v=v76fAns59-4kGkYyDyEXyw9RgnmvJyXSd0eFBt05RzE1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284ef0ee748286ee699cf5ebed73dea7ed187e24a35e66016f26a60ad0f0a774
Security Headers
Name Value
Content-Security-Policy
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 09:05:30 GMT
content-security-policy
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
dc52ff9e-e7c6-42cb-9286-1a9894f33a06
x-runtime
0.006859
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"284ef0ee748286ee699cf5ebed73dea7"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHSOhm4JwLu0sblX6JcN0Oa6PogylLkrX71qhERyFuoDbA6JQ%2FsLgsvFXKyAWnKlEHd8scqeGOLuqXdZz5eP1BE6KwmvHk0PyP8N5bGlE062wprZa%2FuWZDiL1CppdqT5v2tC8bOhGexE0dXGlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
x-ratelimit-limit, x-ratelimit-reset, x-ratelimit-remaining
x-ratelimit-remaining
48
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
x-ratelimit-reset
2023-05-18 00:00:00 +0000
x-ratelimit-limit
50
cf-ray
7c8ab2f6e91e2bcf-FRA
vary
Origin
x-ratelimit-client-id
2001:1b60:2:240:3247::3
6408612435d5e648a147b9a5
dashboard.chatfuel.com/api/entry_points/ 		466 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dashboard.chatfuel.com/api/entry_points/6408612435d5e648a147b9a5
Requested by
Host: dashboard.chatfuel.com
URL: https://dashboard.chatfuel.com/integration/fb-entry-point.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.229.79.40 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.79.229.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
0d124e783887264ebdf712e76fb20db9dbbed7872450e50ed75cff6aafd7d7f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.chatfuel.com;

Request headers

Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 May 2023 09:05:31 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.chatfuel.com;
server
nginx/1.17.3
x-chatfuel-version
master_with_AAR-213-feature-toggle-for-gpt4-28761
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-Chatfuel-Version
access-control-allow-credentials
true
content-length
281
6408612435d5e648a147b9a5
dashboard.chatfuel.com/api/entry_points/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dashboard.chatfuel.com/api/entry_points/6408612435d5e648a147b9a5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.229.79.40 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.79.229.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.chatfuel.com;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cbonline.cihanbank.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, DELETE, PUT, HEAD
access-control-allow-origin
*
access-control-expose-headers
X-Chatfuel-Version
allow
HEAD,GET,OPTIONS,PUT
content-length
23
content-security-policy
frame-ancestors 'self' *.chatfuel.com;
content-type
text/plain
date
Wed, 17 May 2023 09:05:31 GMT
server
nginx/1.17.3
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		320 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: dashboard.chatfuel.com
URL: https://dashboard.chatfuel.com/integration/fb-entry-point.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c3333a292d4d5b00d8f954b841d2035ad6a19d84eff2dd5a3fca5b28b9bbbaf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cbonline.cihanbank.com/
Origin
https://cbonline.cihanbank.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:05:31 GMT
content-md5
UzTTs+h9bC+X2tkGx8zNdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92513
x-fb-rlafr
0
x-fb-debug
D4MZbw2nRFFaYxD5aHOgqCsFxTez32qTESnLHY37ntszrdwYb/wd2OLn0yZU5h8yJQuBGmdOZLWUjTLicZvi3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
8d5fc7ea97e358e175b22f04ff8aaef9
cross-origin-opener-policy
same-origin-allow-popups
etag
"daef478faa9a2b6afca4d7f7632b3111"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 17 May 2023 09:21:10 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1678638095724206&ev=fb_page_view&dl=https%3A%2F%2Fcbonline.cihanbank.com%2FiBanking%2FAuthentication%2Findex&rl=&if=false&ts=1684314331917&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbonline.cihanbank.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 May 2023 09:05:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
socialplugin.facebook.net/new_domain_gating/ 		40 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=547367138754367&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:a:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:05:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
pcKmFHrIQSjrQkFprV3TLJ78T6N5ajUQ7hl0XRZ1rCwfKX4ZqWxNFlYm2Nqg9V4RQRnDu7v/Bn0rNixkOeNT6g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/json; charset=utf-8
x-frame-options
DENY
access-control-allow-origin
https://cbonline.cihanbank.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?allow_guests=true&app_id=1678638095724206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f28a56db30ba4%26domain%3Dcbonline.cihanbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcbonline.cihanbank.com%252Ff27cf7fd50347%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcbonline.cihanbank.com%2FiBanking%2FAuthentication%2Findex&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=e1defd73-0206-4b47-acab-79540b4c1657&page_id=547367138754367&ref=b64%3AeyJlcGlkIjoiNjQwODYxMjQzNWQ1ZTY0OGExNDdiOWE1In0%3D&request_time=1684314332112&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23ad2626
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:05:32 GMT
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
UAqV1KiGUti96dReaFOdU0u9E3ex3Ij3+xC2u+PFQuEgxvJvGvvhKmS5RkRXzV7thxvoNVWWaPcHGPMxeNr0vA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://cbonline.cihanbank.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/facade/ 		1 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?allow_guests=true&app_id=1678638095724206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f28a56db30ba4%26domain%3Dcbonline.cihanbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcbonline.cihanbank.com%252Ff27cf7fd50347%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcbonline.cihanbank.com%2FiBanking%2FAuthentication%2Findex&is_loaded_by_facade=true&locale=en_US&log_id=e1defd73-0206-4b47-acab-79540b4c1657&page_id=547367138754367&ref=b64%3AeyJlcGlkIjoiNjQwODYxMjQzNWQ1ZTY0OGExNDdiOWE1In0%3D&request_time=1684314332112&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23ad2626
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cfcdb3d2949eb1b105073b8795161d5c253d89e2c1eb428b66f3dad48e5d3dd
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 17 May 2023 09:05:32 GMT
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
A4iUvuup6WVlhK3/9FuTh8K8HeMrHQhJsQANSNWBmpAZ0IF7pZ/uDB7DSyiokTmj8wj4eIWcjcjYLPXEzA91Ow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
x-frame-options
DENY
access-control-allow-origin
https://cbonline.cihanbank.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?allow_guests=true&app_id=1678638095724206&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f28a56db30ba4%26domain%3Dcbonline.cihanbank.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcbonline.cihanbank.com%252Ff27cf7fd50347%26relation%3Dparent.parent&current_url=https%3A%2F%2Fcbonline.cihanbank.com%2FiBanking%2FAuthentication%2Findex&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=304&locale=en_US&log_id=e1defd73-0206-4b47-acab-79540b4c1657&page_id=547367138754367&ref=b64%3AeyJlcGlkIjoiNjQwODYxMjQzNWQ1ZTY0OGExNDdiOWE1In0%3D&request_time=1684314332416&sdk=joey&should_use_new_domain=false&suppress_http_code=1&theme_color=%23ad2626
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cbonline.cihanbank.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Wed, 17 May 2023 09:05:32 GMT
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
FyzrcLQD9rXtEKJsYzMBHtWLt5w3HGZcqR5KRvHmDz77C6YnqTXzfUqxA18kDhHzphRrIaYs+ysc5XLtJSrwWg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://cbonline.cihanbank.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| CryptoJS function| Enc function| SubmitsEncry function| OTPtimers object| jQuery11240330053314718165 function| Cookies object| App object| toastr function| MoveToFormForget function| ChangeCalProject object| Login undefined| msg undefined| ErrorCode function| ReloadCaptcha function| AlertMessage function| OTPtimerss function| OTPtimer function| OTPtimerNewToken function| StartAjax function| EndAjax object| regeneratorRuntime boolean| cfIsFbSdkInited function| fbAsyncInit object| FB

2 Cookies

Domain/Path Name / Value
cbonline.cihanbank.com/ Name: ASP.NET_SessionId
Value: og4oz3zssatwjjuwbqyzoqe1
cbonline.cihanbank.com/ Name: cookiesession1
Value: 678ADA5B5E46AA2AF29D3BC14424BAF5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7776000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbonline.cihanbank.com
connect.facebook.net
dashboard.chatfuel.com
fonts.gstatic.com
icanhazip.com
socialplugin.facebook.net
www.facebook.com
www.iplocate.io
2606:4700:20::ac43:491c
2606:4700::6812:7361
2a00:1450:4001:811::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f084:a:face:b00c:0:2
2a03:2880:f177:83:face:b00c:0:25de
31.25.137.138
35.229.79.40
07dc3339815d147b95b48adaa77e8c966bf46bc3ce15e9c54daf679c7e49a0bc
0d124e783887264ebdf712e76fb20db9dbbed7872450e50ed75cff6aafd7d7f9
21f5055db5bec65042ede8f321f193c84791e0b31208f2bca5a58189fcadf1d8
284ef0ee748286ee699cf5ebed73dea7ed187e24a35e66016f26a60ad0f0a774
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
405fd5019ec5816d1e705ea771e91df0c84314f1f8f92f01e01fa57c07b60b1d
486ace4ac22e35f657da663099fa734a279634294b8a30640b754e53c25dde69
4cfcdb3d2949eb1b105073b8795161d5c253d89e2c1eb428b66f3dad48e5d3dd
59455a23321a2e12bab91942c960e678e75d0661b992e5ddaabf96ae3289b9b6
6f1e1a8493f140c0a79ea165e124e001a3788dde5ef4f131b70ac026ea0d276b
746b90abb34337db921712b948d519c59617f5bc460006803597924135aad70b
77c0aebe379095ee70493cf306f50e926d2ca2be80c679bf04fc893f1c51dc5b
815a8c95cc9aba09c70ec5fe03a86468e16794e053c77a3af794915e33aa4707
886213e77bf6383a26abd93cb0f44d2ef78530db1769b4fd3e8dc47e027aec3e
8ec9ae9576d6b7fa8f76b49dcc3cb5344cb1a5a2aa740307386ce3f2b5b5d072
953b0100c295ff596e6908006d7c2ea5cc6b7fb717ae30278520475b50f78f53
b2a52fb3711b1dc7b172fbcdcdf0a123676deaf39ae3fb2916833d6d28024359
b500ad598377a7c0904f0f901e3ae9282dcc58e0d6d02a21e4a280e06be5197f
b51e8456f03bdcf586022210fba2383fb2e02f70f0d433a39cfd97993f74b10a
c3149bb25d91c727b4d38d67011ddd93cf640b19067ac0dcbbc2a004fc46c6d5
c3333a292d4d5b00d8f954b841d2035ad6a19d84eff2dd5a3fca5b28b9bbbaf2
c9f785913bc4ac101015f6b0d909543439b8b6b409d7d3af2235b86c6c78a5b7
ca1f9467352585548033dcd294bdaded3d7813754a3519f5ab337a3b2f44d9b5
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
d6badc906fad632e2dddf4de1f348d38a4b2d06d8da0af7ebcf2d0b2f0350104
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1c7ccb32963950229db7ad223b9ea22b6c0c8dddd3a744bb9e0ea6d0ca436ba
f366589b3f5aa598a869fa7f87fe552472d4539dcf89227c18f45ac90fd93934
fe12b475666c2f32be5d3255d4307b06a41fa5318c01d9bab58124e0e2bf72ae