dev-ziraat-bankasi-cevrimici.pantheonsite.io
IP: 2620:12a:8000::3
Malicious Activity! (Public Scan)
Submission: On April 09 via api from TR — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation Secure Server CA on July 14th 2022. Valid for: about a year (2022-07-14 to 2023-06-23).
This is the only time dev-ziraat-bankasi-cevrimici.pantheonsite.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Ziraat Bank (Banking)

Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
7 | 2620:12a:8000::3 | 54113 (FASTLY)
1 | 2a00:1450:4001:82f::200a | 15169 (GOOGLE)
6 | 194.24.224.11 | 31471 (FINTEK-AS)
1 | 2a00:1450:4001:813::200a | 15169 (GOOGLE)
1 | 52.216.10.123 | 16509 (AMAZON-02)
1 | 173.231.16.76 | 18450 (WEBNX)
1 | 34.117.59.81 | 396982 (GOOGLE-CLOUD-PLATFORM)
Totals: 25 | 8
ASN54113 (FASTLY, US): dev-ziraat-bankasi-cevrimici.pantheonsite.io
ASN16509 (AMAZON-02, US), PTR s3-1-w.amazonaws.com: gilroy-web-fonts.s3.amazonaws.com
ASN18450 (WEBNX, US), PTR 173-231-16-76.static.webnx.com: api.ipify.org
ASN396982 (GOOGLE-CLOUD-PLATFORM, US), PTR 81.59.117.34.bc.googleusercontent.com: ipinfo.io
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | pantheonsite.io | dev-ziraat-bankasi-cevrimici.pantheonsite.io | 27 KB
6 | ziraatbank.com.tr | bireysel.ziraatbank.com.tr (Cisco Umbrella Rank: 996387) | 303 KB
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 357), fonts.googleapis.com (Cisco Umbrella Rank: 47) | 32 KB
1 | ipinfo.io | ipinfo.io (Cisco Umbrella Rank: 5925) | 521 B
1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2603) | 131 B
1 | amazonaws.com | gilroy-web-fonts.s3.amazonaws.com | 9 KB
Totals: 25 | 6
Most of the bytes (303 KB of roughly 400 KB) come from the bank's legitimate origin: the phishing host serves a 27 KB shell and borrows the real login page's stylesheets and images from bireysel.ziraatbank.com.tr.
Requests | Domain | Requested by
---|---|---
7 | dev-ziraat-bankasi-cevrimici.pantheonsite.io | dev-ziraat-bankasi-cevrimici.pantheonsite.io
6 | bireysel.ziraatbank.com.tr | dev-ziraat-bankasi-cevrimici.pantheonsite.io, bireysel.ziraatbank.com.tr
1 | ipinfo.io | ajax.googleapis.com
1 | api.ipify.org | ajax.googleapis.com
1 | gilroy-web-fonts.s3.amazonaws.com | dev-ziraat-bankasi-cevrimici.pantheonsite.io
1 | fonts.googleapis.com | dev-ziraat-bankasi-cevrimici.pantheonsite.io
1 | ajax.googleapis.com | dev-ziraat-bankasi-cevrimici.pantheonsite.io
Totals: 25 | 7
The ipinfo.io and api.ipify.org lookups are attributed to ajax.googleapis.com because their initiator is jquery.min.js: the page's own script issued them through jQuery's XHR wrapper, so Google is not the party collecting the visitor's IP. The bireysel.ziraatbank.com.tr requests initiated by the phishing page are the bank's real stylesheets and images being hotlinked; those initiated by bireysel.ziraatbank.com.tr itself are the fonts referenced from inside those stylesheets.
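The table above shows the bank's real stylesheets and images being embedded by a page on another origin. From the bank's side, that appears in its own access logs as asset requests carrying a foreign Referer. The following added example (not part of the urlscan result, and not the bank's code) walks constructed combined-format access-log lines and groups hotlinked asset paths by referring host; the list of own hosts, the asset path prefix and the sample lines (RFC 5737 client addresses) are assumptions built from the paths seen in this scan.

```python
"""Find brand assets being hotlinked by foreign origins in web-server access logs.

Added example, not part of the urlscan.io result. SAMPLE_LOG is constructed
(Apache/nginx combined log format, RFC 5737 client addresses); the asset paths
are the ones the phishing page requested from bireysel.ziraatbank.com.tr.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Combined log format: ip ident user [time] "method path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

OWN_HOSTS = {"bireysel.ziraatbank.com.tr", "www.ziraatbank.com.tr"}  # assumed: the brand's own hosts
ASSET_PREFIXES = ("/Content/assets/",)  # static asset tree seen in the scan

# Constructed sample: four hotlinked requests from the phishing origin, two legitimate
# asset loads (own referer / no referer) and one unrelated page hit.
SAMPLE_LOG = """\
203.0.113.5 - - [09/Apr/2023:10:12:01 +0000] "GET /Content/assets/bundle/css/plugins.min.css HTTP/1.1" 200 85012 "https://dev-ziraat-bankasi-cevrimici.pantheonsite.io/" "Mozilla/5.0"
203.0.113.5 - - [09/Apr/2023:10:12:01 +0000] "GET /Content/assets/bundle/css/sub.min.css HTTP/1.1" 200 92160 "https://dev-ziraat-bankasi-cevrimici.pantheonsite.io/" "Mozilla/5.0"
203.0.113.5 - - [09/Apr/2023:10:12:02 +0000] "GET /Content/assets/img/login-bg.jpg HTTP/1.1" 200 106496 "https://dev-ziraat-bankasi-cevrimici.pantheonsite.io/" "Mozilla/5.0"
203.0.113.5 - - [09/Apr/2023:10:12:02 +0000] "GET /Content/assets/css/fonts/icomoon.woff2?ijwtvo HTTP/1.1" 403 0 "https://dev-ziraat-bankasi-cevrimici.pantheonsite.io/" "Mozilla/5.0"
198.51.100.20 - - [09/Apr/2023:10:12:05 +0000] "GET /Content/assets/img/phone.png HTTP/1.1" 200 8192 "https://bireysel.ziraatbank.com.tr/" "Mozilla/5.0"
198.51.100.21 - - [09/Apr/2023:10:12:06 +0000] "GET /Content/assets/img/comodo-logo.png HTTP/1.1" 200 6144 "-" "Mozilla/5.0"
198.51.100.22 - - [09/Apr/2023:10:12:07 +0000] "GET /Login HTTP/1.1" 200 58000 "https://www.google.com/" "Mozilla/5.0"
"""


def foreign_asset_referers(log_text, own_hosts=OWN_HOSTS, asset_prefixes=ASSET_PREFIXES):
    """Return {referer_host: {path: hit_count}} for asset requests whose Referer is
    neither empty nor one of our own hosts. Each hit is a foreign page that embedded
    our asset; for login-page assets a phishing shell is the usual explanation."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; production code should count these, not drop them silently
        path = m["path"].split("?", 1)[0]  # ignore cache-busting query strings
        if not path.startswith(asset_prefixes):
            continue
        referer = m["referer"]
        if referer in ("", "-"):
            continue  # direct or referrer-suppressed request: not attributable
        ref_host = urlsplit(referer).netloc.lower()
        if ref_host and ref_host not in own_hosts:
            hits[ref_host][path] += 1
    return {host: dict(paths) for host, paths in hits.items()}


if __name__ == "__main__":
    for host, paths in foreign_asset_referers(SAMPLE_LOG).items():
        print(host)
        for path, n in sorted(paths.items()):
            print(f"  {n:3d}  {path}")
```

Under the browser default Referrer-Policy (strict-origin-when-cross-origin) a cross-origin asset request carries only the referring origin, as in the sample, which is still enough to attribute it. A kit can set Referrer-Policy: no-referrer on its page, so an empty result proves nothing, and a hit is a lead to confirm (for instance by submitting the referring URL to urlscan), not a verdict. The 403 on the font request in the sample mirrors what this scan shows: the bank's fonts were the one class of asset the phishing page could not load.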
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
pantheonsite.io | Sectigo RSA Organization Validation Secure Server CA | 2022-07-14 - 2023-06-23 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months
bireysel.ziraatbank.com.tr | GeoTrust RSA CA 2018 | 2023-03-07 - 2024-03-06 | a year
*.s3.amazonaws.com | Amazon | 2022-09-21 - 2023-08-26 | a year
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2023-02-07 - 2024-02-18 | a year
*.host.io | R3 | 2023-03-27 - 2023-06-25 | 3 months
(Each certificate is also listed on crt.sh.)
The phishing page is served under the hosting platform's certificate for pantheonsite.io, an OV certificate issued for the platform domain rather than to whoever created this subdomain, so a valid padlock here carries no information about who runs the site. The bireysel.ziraatbank.com.tr certificate appears only because the page loads assets from the bank's real origin.
This page contains 1 frame:
Primary Page: https://dev-ziraat-bankasi-cevrimici.pantheonsite.io/
Frame ID: C5328BDB0BF870830D9FF2BBB61213B1
Requests: 25 HTTP requests in this frame
0 Outgoing links (links going to different origins than the main page).
Redirected requests: no HTTP redirect chains are listed for this scan.
25 HTTP transactions
# | Method | Protocol | Resource | Host / path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / (Primary Request) | dev-ziraat-bankasi-cevrimici.pantheonsite.io/ | 58 KB | 10 KB | Document | text/html
2 | GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript
3 | GET | H/1.1 | plugins.min.css | bireysel.ziraatbank.com.tr/Content/assets/bundle/css/ | 340 KB | 83 KB | Stylesheet | text/css
4 | GET | H/1.1 | sub.min.css | bireysel.ziraatbank.com.tr/Content/assets/bundle/css/ | 402 KB | 90 KB | Stylesheet | text/css
5 | GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css
6 | GET | H/1.1 | gilroy.css | gilroy-web-fonts.s3.amazonaws.com/web-fonts/ | 9 KB | 9 KB | Stylesheet | text/css
7 | GET | H2 | logo.png | dev-ziraat-bankasi-cevrimici.pantheonsite.io/Content/assets/img/ | 2 KB | 2 KB | Image | text/html
8 | GET | H2 | contact.png | dev-ziraat-bankasi-cevrimici.pantheonsite.io/Content/assets/img/ | 3 KB | 3 KB | Image | text/html
9 | GET | H2 | lcon1.png | dev-ziraat-bankasi-cevrimici.pantheonsite.io/Content/assets/img/ | 3 KB | 3 KB | Image | text/html
10 | GET | H/1.1 | phone.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 8 KB | 9 KB | Image | image/png
11 | GET | H/1.1 | phone.png | bireysel.ziraatbank.com.tr/Content/assets/img/login/ | 10 KB | 10 KB | Image | image/png
12 | GET | H2 | icon2.png | dev-ziraat-bankasi-cevrimici.pantheonsite.io/Content/assets/img/ | 3 KB | 3 KB | Image | text/html
13 | GET | H2 | icon3.png | dev-ziraat-bankasi-cevrimici.pantheonsite.io/Content/assets/img/ | 3 KB | 3 KB | Image | text/html
14 | GET | H/1.1 | comodo-logo.png | bireysel.ziraatbank.com.tr/Content/assets/img/ | 6 KB | 7 KB | Image | image/png
15 | GET | H2 | telegram.js | dev-ziraat-bankasi-cevrimici.pantheonsite.io/ | 3 KB | 2 KB | Script | text/html
16 | GET | H2 | / | api.ipify.org/ | 22 B | 131 B | XHR | application/json
17 | GET | H2 | / | ipinfo.io/ | 259 B | 521 B | XHR | application/json
18 | GET | H/1.1 | login-bg.jpg | bireysel.ziraatbank.com.tr/Content/assets/img/ | 104 KB | 105 KB | Image | image/jpeg
19 | GET | - | BB78E1BCF28E9E4CC.woff2 | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | (no response) | -
20 | GET | - | D40DF048D299CA4DD.woff2 | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | (no response) | -
21 | GET | - | icomoon.woff2 | bireysel.ziraatbank.com.tr/Content/assets/css/fonts/ | 0 | 0 | (no response) | -
22 | GET | - | BB78E1BCF28E9E4CC.woff | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | (no response) | -
23 | GET | - | D40DF048D299CA4DD.woff | bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/ | 0 | 0 | (no response) | -
24 | GET | - | icomoon.ttf | bireysel.ziraatbank.com.tr/Content/assets/css/fonts/ | 0 | 0 | (no response) | -
25 | GET | - | icomoon.woff | bireysel.ziraatbank.com.tr/Content/assets/css/fonts/ | 0 | 0 | (no response) | -

Observations:
- Everything that makes the page look like the bank's login page (plugins.min.css, sub.min.css, phone.png, comodo-logo.png, login-bg.jpg) is fetched from the bank's real origin bireysel.ziraatbank.com.tr over HTTP/1.1. The phishing host itself serves only the HTML shell, a few small images and telegram.js.
- Requests 7, 8, 9, 12, 13 and 15 are declared as Image or Script but come back as text/html with 2 to 3 KB bodies. That is what an HTML error page returned in place of a missing asset looks like; the scan does not show the bodies, so whether telegram.js actually delivered JavaScript cannot be confirmed from this record. The filename is a common marker for a Telegram-bot exfiltration component in phishing kits, but the scan records only the name, not the content.
- Requests 16 and 17 are JSON lookups of the visitor's public IP and location (api.ipify.org, ipinfo.io) issued by the page's script. A bank login page has no need for them; kits commonly use them to log the victim's IP or gate the page by country.
- Requests 19 to 25, the fonts referenced from the bank's stylesheets, received no response. Unlike stylesheet and image loads, font loads are made in CORS mode, so a cross-origin font from bireysel.ziraatbank.com.tr fails unless the bank's server opts in with Access-Control-Allow-Origin. That is the likely reason these, and only these, bank assets failed, although the scan does not record the cause.
Failed requests
These URLs were requested, but no response was received. They also appear in the list above. All seven are on bireysel.ziraatbank.com.tr:
- https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2
- https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2
- https://bireysel.ziraatbank.com.tr/Content/assets/css/fonts/icomoon.woff2?ijwtvo
- https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff
- https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff
- https://bireysel.ziraatbank.com.tr/Content/assets/css/fonts/icomoon.ttf?oj25nh
- https://bireysel.ziraatbank.com.tr/Content/assets/css/fonts/icomoon.woff?oj25nh
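The transaction list above contains several of the signals behind urlscan's verdict. As an added example (not part of the urlscan result), the following script encodes them as checks over a hand-transcribed copy of this scan's 25 requests: brand assets hotlinked cross-site, IP-lookup XHRs, declared-type versus served-MIME mismatches, and a same-site script whose filename hints at a messenger-bot exfil component. The transcribed request list (with transfer sizes rounded from the KB figures on the page), the heuristic names, the name pattern and the two-family threshold are all assumptions of the example, and the apex-domain rule is a deliberate simplification.

```python
"""Triage a urlscan-style request list for phishing-kit indicators.

Added example, not part of the urlscan.io result. REQUESTS is transcribed from
this scan's 25 transactions as (url, declared type, MIME type, transfer bytes);
MIME None with 0 bytes marks a request that received no response. Sizes are
rounded from the page's KB figures.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

PAGE_HOST = "dev-ziraat-bankasi-cevrimici.pantheonsite.io"
BRAND_HOSTS = {"bireysel.ziraatbank.com.tr"}        # impersonated brand's real origin
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipinfo.io"}    # public IP-echo / geolocation APIs
# MIME prefixes a browser expects for each declared resource type.
EXPECTED_MIME = {
    "Document": ("text/html",),
    "Script": ("text/javascript", "application/javascript"),
    "Stylesheet": ("text/css",),
    "Image": ("image/",),
    "XHR": ("application/json", "text/"),
}
# Script names that often denote a messenger-bot exfil component. Name-based, a hint only.
EXFIL_NAME = re.compile(r"(telegram|tgbot|discord|exfil|send|result|mail)", re.I)

P = f"https://{PAGE_HOST}"
B = "https://bireysel.ziraatbank.com.tr"
REQUESTS = [
    (P + "/", "Document", "text/html", 10_240),
    ("https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js", "Script", "text/javascript", 31_744),
    (B + "/Content/assets/bundle/css/plugins.min.css", "Stylesheet", "text/css", 84_992),
    (B + "/Content/assets/bundle/css/sub.min.css", "Stylesheet", "text/css", 92_160),
    ("https://fonts.googleapis.com/icon", "Stylesheet", "text/css", 775),
    ("https://gilroy-web-fonts.s3.amazonaws.com/web-fonts/gilroy.css", "Stylesheet", "text/css", 9_216),
    (P + "/Content/assets/img/logo.png", "Image", "text/html", 2_048),
    (P + "/Content/assets/img/contact.png", "Image", "text/html", 3_072),
    (P + "/Content/assets/img/lcon1.png", "Image", "text/html", 3_072),
    (B + "/Content/assets/img/phone.png", "Image", "image/png", 9_216),
    (B + "/Content/assets/img/login/phone.png", "Image", "image/png", 10_240),
    (P + "/Content/assets/img/icon2.png", "Image", "text/html", 3_072),
    (P + "/Content/assets/img/icon3.png", "Image", "text/html", 3_072),
    (B + "/Content/assets/img/comodo-logo.png", "Image", "image/png", 7_168),
    (P + "/telegram.js", "Script", "text/html", 2_048),
    ("https://api.ipify.org/", "XHR", "application/json", 131),
    ("https://ipinfo.io/", "XHR", "application/json", 521),
    (B + "/Content/assets/img/login-bg.jpg", "Image", "image/jpeg", 107_520),
] + [
    (B + path, "Font", None, 0) for path in (
        "/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2",
        "/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2",
        "/Content/assets/css/fonts/icomoon.woff2?ijwtvo",
        "/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff",
        "/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff",
        "/Content/assets/css/fonts/icomoon.ttf?oj25nh",
        "/Content/assets/css/fonts/icomoon.woff?oj25nh",
    )
]


def apex(host):
    """Registrable domain by a crude rule (two labels, or three for .com.tr-style ccSLDs).
    Production code should use the Public Suffix List instead."""
    labels = host.lower().split(".")
    if len(labels) >= 3 and len(labels[-2]) <= 3 and len(labels[-1]) == 2:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def triage(page_host, requests):
    """Return {indicator: [details]} for the checks a reviewer would run first."""
    f = defaultdict(list)
    for url, rtype, mime, xfer in requests:
        parts = urlsplit(url)
        host, filename = parts.netloc.lower(), parts.path.rsplit("/", 1)[-1]
        cross_site = apex(host) != apex(page_host)
        # 1. Assets pulled from the impersonated brand's real origin (visual cloning by hotlink).
        if host in BRAND_HOSTS and cross_site:
            f["brand_hotlink"].append(url)
            if mime is None and xfer == 0:
                f["brand_hotlink_failed"].append(url)
        # 2. Fingerprinting the visitor's public IP / location from the page.
        if host in IP_LOOKUP_HOSTS and rtype == "XHR":
            f["victim_ip_lookup"].append(url)
        # 3. Declared resource type disagrees with the served MIME type (error page in place of asset).
        if mime is not None and rtype in EXPECTED_MIME and not mime.startswith(EXPECTED_MIME[rtype]):
            f["mime_mismatch"].append((url, rtype, mime))
        # 4. Same-site script whose name hints at a messenger-bot exfil component.
        if rtype == "Script" and not cross_site and EXFIL_NAME.search(filename):
            f["exfil_named_script"].append(url)
    return dict(f)


def verdict(findings):
    """Two or more independent indicator families: worth an analyst's time."""
    families = ("brand_hotlink", "victim_ip_lookup", "exfil_named_script")
    return "likely-phishing-kit" if sum(bool(findings.get(k)) for k in families) >= 2 else "review"


if __name__ == "__main__":
    result = triage(PAGE_HOST, REQUESTS)
    for key, items in result.items():
        print(f"{key}: {len(items)}")
    print("verdict:", verdict(result))
```

On this scan the checks return 13 hotlinked brand assets (7 of them failed), 2 IP lookups, 6 MIME mismatches and one exfil-named script. None of these is conclusive alone: a legitimate partner page may embed a bank's assets, and a filename is only a name. Requiring two independent families before escalating keeps single-signal noise down without missing this kind of kit.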
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Ziraat Bank (Banking)

14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
Type | Name
---|---
boolean | credentialless
function | $
function | jQuery
function | selectInput1
function | avanzar
object | a
function | selectInput
object | progressBar
object | textElement
number | duration
number | start
number | end
function | updateProgress
function | formatTime
$ and jQuery come from jQuery 3.5.1, and credentialless is a browser-provided property (Chromium's window.credentialless). The rest are the kit's own: selectInput, selectInput1 and avanzar (Spanish for "advance") point at a multi-step form flow, and progressBar, textElement, duration, start, end, updateProgress and formatTime at a timed fake "processing" screen. A Spanish identifier in a page targeting a Turkish bank suggests a kit reused across brands rather than one written for this target.

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the website to re-identify the user even from a different location. This is how persistent logins work. This page set none.
14 Console Messages
A page may log messages to the console. These are often errors about being unable to load a resource or execute a piece of JavaScript; sometimes they also give insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
Security headers set by the main page:
Header | Value
---|---
Strict-Transport-Security | max-age=300
A five-minute max-age gives HSTS no practical effect, and no Content-Security-Policy, X-Frame-Options or X-Content-Type-Options header is present. These are the phishing host's response headers and say nothing about the bank's own site.
Indicators
"Indicators" is an industry term for artifacts such as IPs, domains and hashes observed in a scan; it does not imply that each of them is malicious. This list mixes the phishing host with legitimate third parties: the googleapis, ipify, ipinfo and S3 hosts and the bank's own bireysel.ziraatbank.com.tr (and the IP it resolved to here, 194.24.224.11, matching the 6 requests in the IP table) are not attacker infrastructure and should not be blocked.
Domains:
- ajax.googleapis.com
- api.ipify.org
- bireysel.ziraatbank.com.tr
- dev-ziraat-bankasi-cevrimici.pantheonsite.io
- fonts.googleapis.com
- gilroy-web-fonts.s3.amazonaws.com
- ipinfo.io
IPs:
- 173.231.16.76
- 194.24.224.11
- 2620:12a:8000::3
- 2a00:1450:4001:813::200a
- 2a00:1450:4001:82f::200a
- 34.117.59.81
- 52.216.10.123