c2c.bankffin.kz Open in urlscan Pro
109.233.111.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://c2c.bankffin.kz/
Submission: On November 07 via automatic, source certstream-suspicious (November 7th 2023, 2:57:05 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 109.233.111.131, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is c2c.bankffin.kz.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 13th 2023. Valid for: a year.

This is the only time c2c.bankffin.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	109.233.111.131 109.233.111.131	48716 (PSKZ-ALA) (PSKZ-ALA)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	149.154.188.35 149.154.188.35	200067 (FFIN) (FFIN)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
21	5

12 109.233.111.131 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

c2c.bankffin.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.154.188.35 (Kazakhstan)

ASN200067 (FFIN, KZ)

oz-scan.ffin.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bankffin.kz c2c.bankffin.kz	8 MB
4	gstatic.com fonts.gstatic.com	42 KB
3	ffin.kz oz-scan.ffin.kz	109 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 903	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
21	5

	Domain	Requested by
12	c2c.bankffin.kz	c2c.bankffin.kz
4	fonts.gstatic.com	fonts.googleapis.com
3	oz-scan.ffin.kz	c2c.bankffin.kz oz-scan.ffin.kz
2	unpkg.com	1 redirects c2c.bankffin.kz
1	fonts.googleapis.com	c2c.bankffin.kz
21	5

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
vt.tiktok.com

Subject Issuer	Validity	Valid
*.bankffin.kz GeoTrust RSA CA 2018	`2023-01-13` - `2024-02-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.ffin.kz Sectigo RSA Domain Validation Secure Server CA	`2023-02-24` - `2024-03-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://c2c.bankffin.kz/
Frame ID: 88FDCF759BFD985D31C38B84272D72E7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

C2C

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

95 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

8079 kB
Transfer

8081 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/bankffin.kz

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bankffin.kz

Search URL Search Domain Scan URL

URL: https://vt.tiktok.com/ZSdGVVBCU

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
c2c.bankffin.kz/ 1012 B
1 KB 302ms
93ms Document
text/html 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

1dc01fb1a9d3a81dfbe8a8bf2e3d6bcf2f27be39b4ab7c64e03bded66e5a80d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1012
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 14:56:57 GMT
etag: "65277510-3f4"
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 175ms
61ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50158005191fd2bded89037e81103e45313b208881c46eed0475c13df5663e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 14:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 14:14:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 14:56:57 GMT

GET
H2 200 ozliveness.css
oz-scan.ffin.kz/plugin/ 14 KB
6 KB 365ms
112ms Stylesheet
text/css 149.154.188.35
FFIN

General

Check archive.org

Show headers Download Go to

Full URL: https://oz-scan.ffin.kz/plugin/ozliveness.css
Requested by: Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.154.188.35 , Kazakhstan, ASN200067 (FFIN, KZ),
Reverse DNS
Software: nginx /
Resource Hash: 8eaf62d84e72ac07871bab40e350d00971a8328b0498d6358d92b9febe6306e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:58 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 17:52:22 GMT
server: nginx
etag: W/"620a96d6-3726"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@8.4.7/
Redirect Chain

https://unpkg.com/swiper@8/swiper-bundle.min.css
https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

16 KB
5 KB

35ms
35ms

Stylesheet
text/css

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.7/swiper-bundle.min.css

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2684097
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HC54TK3YWC333WWZS5Y3FGDM-fra
server: cloudflare
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82266d09bc6465db-FRA

Redirect headers

date: Tue, 07 Nov 2023 14:56:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HEN4ETPCRTRVRZQA09KBE01R-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 128
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.7/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 82266d098c2565db-FRA

GET
H2 200 plugin_liveness.php Show response
oz-scan.ffin.kz/ 102 KB
103 KB 444ms
223ms Script
application/javascript 149.154.188.35
FFIN

General

Check archive.org

Show headers Download Go to

Full URL: https://oz-scan.ffin.kz/plugin_liveness.php?lang=ru
Requested by: Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.154.188.35 , Kazakhstan, ASN200067 (FFIN, KZ),
Reverse DNS
Software: nginx /
Resource Hash: 60e1a71b97b366bb900e4a6bab0489061d3d6cec8eac6fac4175501334685140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 14:56:58 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 runtime.8bb163ae756af8a53f00.js Show response
c2c.bankffin.kz/ 5 KB
5 KB 717ms
716ms Script
application/javascript 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/runtime.8bb163ae756af8a53f00.js

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

76464f18cd34fbc80a792d1c322ddde3c04323eb463e3d773a08393b6d3374ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-1350"
content-length: 4944
content-type: application/javascript; charset=utf-8

GET
H2 200 main.016155b8d1167e2271df.js Show response
c2c.bankffin.kz/ 2 MB
2 MB 718ms
717ms Script
application/javascript 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/main.016155b8d1167e2271df.js

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

f381e2a34fdeebda0f9da91c3b769d8a6411dca04b4e6b41407713228d8278f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-1a51f9"
content-length: 1724921
content-type: application/javascript; charset=utf-8

GET
H2 200 main.ee1e40a4d76418ebf46c.css
c2c.bankffin.kz/ 3 MB
3 MB 108ms
108ms Stylesheet
text/css 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/main.ee1e40a4d76418ebf46c.css

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

1a290860aa228f9c4bb50a651a0c2dc21dc79f4f5bdd361872ce076d11dfa38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-28c3f2"
content-length: 2671602
content-type: text/css

POST
H2 200 tm.php Show response
oz-scan.ffin.kz/ 52 B
341 B 801ms
574ms XHR
application/json 149.154.188.35
FFIN

General

Check archive.org

Show headers Download Go to

Full URL: https://oz-scan.ffin.kz/tm.php
Requested by: Host: oz-scan.ffin.kz
URL: https://oz-scan.ffin.kz/plugin_liveness.php?lang=ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.154.188.35 , Kazakhstan, ASN200067 (FFIN, KZ),
Reverse DNS
Software: nginx /
Resource Hash: 9260b17338b660464a79215eb4635768907f275efb10a7d151023ad9cf112342

Request headers

Referer: https://c2c.bankffin.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUM9ZOgxZXUtOh4q9

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 755.448f8b198c0820ee4a98.css
c2c.bankffin.kz/ 1 KB
1 KB 93ms
93ms Stylesheet
text/css 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/755.448f8b198c0820ee4a98.css

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/runtime.8bb163ae756af8a53f00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

dc267e5c6460f080605a3a1b1fdf10ecfe4f791ecaba89e574bc5ab2518ed49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-402"
content-length: 1026
content-type: text/css

GET
H2 200 755.c5ba2c12a61c25bbe392.js Show response
c2c.bankffin.kz/ 1 KB
1 KB 94ms
93ms Script
application/javascript 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/755.c5ba2c12a61c25bbe392.js

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/runtime.8bb163ae756af8a53f00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

cbf4cf43fd3ad65c7bb629e1fb525baff3e9f01b5c07483874bc4a76bea3d911

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-51d"
content-length: 1309
content-type: application/javascript; charset=utf-8

GET
H2 200 746.ff857f06de0d9c09e212.css
c2c.bankffin.kz/ 579 KB
580 KB 94ms
93ms Stylesheet
text/css 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/746.ff857f06de0d9c09e212.css

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/runtime.8bb163ae756af8a53f00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

d197ecd12495edd07cf21c3b04f4354800b417dab52738cfa0795bde73df3148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-90b24"
content-length: 592676
content-type: text/css

GET
H2 200 746.bcedec7850056dcd7c85.js Show response
c2c.bankffin.kz/ 42 KB
42 KB 102ms
101ms Script
application/javascript 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://c2c.bankffin.kz/746.bcedec7850056dcd7c85.js

Requested by

Host: c2c.bankffin.kz
URL: https://c2c.bankffin.kz/runtime.8bb163ae756af8a53f00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

5c6a9d2fbb46b2223ffe48d18bc26ad3726d2423d19420caab0cbb8a93a85608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-a833"
content-length: 43059
content-type: application/javascript; charset=utf-8

GET
H2 200 hero-banner.png
c2c.bankffin.kz/assets/ 1 MB
1 MB 96ms
95ms Image
image/png 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c2c.bankffin.kz/assets/hero-banner.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

193510adfd995e88ac9364928d180bb3629d91cb2994047fdf3b31124c773893

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-154394"
content-length: 1393556
content-type: image/png

GET
H2 200 house-confetti.png
c2c.bankffin.kz/assets/ 851 KB
853 KB 108ms
107ms Image
image/png 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c2c.bankffin.kz/assets/house-confetti.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

79890397e6e8f2e11b604cb10bb7cce417933af8e92e4de7a4389930e95d74a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-d4c65"
content-length: 871525
content-type: image/png

GET
H2 200 initiator.png
c2c.bankffin.kz/assets/ 669 KB
671 KB 116ms
115ms Image
image/png 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c2c.bankffin.kz/assets/initiator.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

cdea5a1bbf3d239743fb4c285178776483057243587e71fe903108aaa016a40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-a75e6"
content-length: 685542
content-type: image/png

GET
H2 200 congrats.png
c2c.bankffin.kz/assets/img/ 99 KB
100 KB 821ms
820ms Image
image/png 109.233.111.131
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c2c.bankffin.kz/assets/img/congrats.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.233.111.131 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

Resource Hash

ea491b419e5a6b6c125d54904db6db35690aa82ebfd58884401987d73fc4b110

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c2c.bankffin.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:56:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 12 Oct 2023 04:24:48 GMT
accept-ranges: bytes
etag: "65277510-18c90"
content-length: 101520
content-type: image/png

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
fonts.gstatic.com/s/notosans/v32/ 6 KB
7 KB 181ms
57ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v32/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8777c49882cebbe642f3653126aedc504b1d2caeb90df820c56f96b9123006f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c2c.bankffin.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:24:42 GMT
x-content-type-options: nosniff
age: 408737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6536
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 20:55:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:24:42 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v32/ 7 KB
7 KB 186ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v32/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fddfa9f33d8ab7c4132c72e417278b549b051c79d68512bed859762698a74990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c2c.bankffin.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:24:28 GMT
x-content-type-options: nosniff
age: 408751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6744
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 20:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:24:28 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v32/ 14 KB
14 KB 240ms
116ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v32/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c2c.bankffin.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:24:16 GMT
x-content-type-options: nosniff
age: 408763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14100
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 20:55:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:24:16 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v32/ 14 KB
14 KB 192ms
69ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v32/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://c2c.bankffin.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:11:22 GMT
x-content-type-options: nosniff
age: 409537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 20:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:11:22 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c2c.bankffin.kz
fonts.googleapis.com
fonts.gstatic.com
oz-scan.ffin.kz
unpkg.com
109.233.111.131
149.154.188.35
2606:4700::6810:7caf
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
193510adfd995e88ac9364928d180bb3629d91cb2994047fdf3b31124c773893
1a290860aa228f9c4bb50a651a0c2dc21dc79f4f5bdd361872ce076d11dfa38a
1dc01fb1a9d3a81dfbe8a8bf2e3d6bcf2f27be39b4ab7c64e03bded66e5a80d0
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
50158005191fd2bded89037e81103e45313b208881c46eed0475c13df5663e5d
5c6a9d2fbb46b2223ffe48d18bc26ad3726d2423d19420caab0cbb8a93a85608
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
60e1a71b97b366bb900e4a6bab0489061d3d6cec8eac6fac4175501334685140
76464f18cd34fbc80a792d1c322ddde3c04323eb463e3d773a08393b6d3374ae
79890397e6e8f2e11b604cb10bb7cce417933af8e92e4de7a4389930e95d74a5
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
8eaf62d84e72ac07871bab40e350d00971a8328b0498d6358d92b9febe6306e1
9260b17338b660464a79215eb4635768907f275efb10a7d151023ad9cf112342
b8777c49882cebbe642f3653126aedc504b1d2caeb90df820c56f96b9123006f
cbf4cf43fd3ad65c7bb629e1fb525baff3e9f01b5c07483874bc4a76bea3d911
cdea5a1bbf3d239743fb4c285178776483057243587e71fe903108aaa016a40a
d197ecd12495edd07cf21c3b04f4354800b417dab52738cfa0795bde73df3148
dc267e5c6460f080605a3a1b1fdf10ecfe4f791ecaba89e574bc5ab2518ed49f
ea491b419e5a6b6c125d54904db6db35690aa82ebfd58884401987d73fc4b110
f381e2a34fdeebda0f9da91c3b769d8a6411dca04b4e6b41407713228d8278f9
fddfa9f33d8ab7c4132c72e417278b549b051c79d68512bed859762698a74990

c2c.bankffin.kz Open in urlscan Pro 109.233.111.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

8079 kBTransfer

8081 kBSize

0 Cookies

3 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

c2c.bankffin.kz Open in urlscan Pro
109.233.111.131 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

8079 kB
Transfer

8081 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions