howdoyounuzz.buzz Open in urlscan Pro
109.199.115.176 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://howdoyounuzz.buzz/
Submission: On May 13 via manual (May 13th 2024, 1:52:28 am UTC) from HU — Scanned from SE

Summary HTTP 26 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 109.199.115.176, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is howdoyounuzz.buzz.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.

This is the only time howdoyounuzz.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Denizbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	109.199.115.176 109.199.115.176	51167 (CONTABO) (CONTABO)
13	195.85.255.15 195.85.255.15	29434 (DENIZBANK) (DENIZBANK)
1	185.216.115.53 185.216.115.53	49126 (AS49126) (AS49126)
26	3

12 109.199.115.176 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1825564.contaboserver.net

howdoyounuzz.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 195.85.255.15 (Istanbul, Turkey)

ASN29434 (DENIZBANK, TR)

acikdeniz.denizbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.216.115.53 (Turkey)

ASN49126 (AS49126, TR)

analyticsb2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	denizbank.com acikdeniz.denizbank.com	972 KB
12	howdoyounuzz.buzz howdoyounuzz.buzz	7 KB
1	analyticsb2c.com analyticsb2c.com — Cisco Umbrella Rank: 398957
26	3

	Domain	Requested by
13	acikdeniz.denizbank.com	howdoyounuzz.buzz acikdeniz.denizbank.com
12	howdoyounuzz.buzz	howdoyounuzz.buzz
1	analyticsb2c.com	howdoyounuzz.buzz
26	3

This site contains links to these domains. Also see Links.

Domain
www.denizbank.com

Subject Issuer	Validity	Valid
howdoyounuzz.buzz R3	`2024-05-12` - `2024-08-10`	3 months	crt.sh
acikdeniz.denizbank.com GeoTrust TLS RSA CA G1	`2024-01-31` - `2025-01-31`	a year	crt.sh
analyticsb2c.com RapidSSL TLS RSA CA G1	`2024-01-04` - `2025-01-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://howdoyounuzz.buzz/
Frame ID: A67D322B2CBFC6E3C83AD28D7FACD9BD
Requests: 25 HTTP requests in this frame

Frame: https://analyticsb2c.com/id.html
Frame ID: A531FA629091D6EAB2E4DF968D8EC64A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DenizBank İnternet Bankacılığı

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

979 kB
Transfer

1544 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.denizbank.com/dijital-bankacilik/guvenlik
Title: İnternet Güvenliği

Search URL Search Domain Scan URL

URL: https://www.denizbank.com/internet-bankaciligi/
Title: Yardım ve Öneriler

Search URL Search Domain Scan URL

URL: https://www.denizbank.com/dijital-bankacilik/internet-bankaciligi
Title: İşlem Limitleri ve Saatleri

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
howdoyounuzz.buzz/ 28 KB
6 KB 224ms
72ms Document
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx / PHP/8.2.18 PleskLin
Resource Hash: 9435a777482021aa7f0bebb0531fddfedc5bdd89e24f0a50e634f1357f99d133

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 May 2024 01:52:21 GMT
server: nginx
x-powered-by: PHP/8.2.18 PleskLin

GET
H2 404 ruxitagentjs_ICA2NVfgjqru_10263230921131557.js
howdoyounuzz.buzz/ 0
0 67ms
66ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/ruxitagentjs_ICA2NVfgjqru_10263230921131557.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 analytics.js
howdoyounuzz.buzz/_assets/js/ 0
0 69ms
68ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/_assets/js/analytics.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 gib.js
howdoyounuzz.buzz/_assets/js/ 0
0 68ms
67ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/_assets/js/gib.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H/1.1 200
OK styles.f5bca8c54bf65e617db0.css
acikdeniz.denizbank.com/ 763 KB
189 KB 521ms
115ms Stylesheet
text/css 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

cbb84162ab4c1f3692727966592ad6b2b323adefdbccadd96ce6203fa675eb35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-376470200"
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Thu, 04 Apr 2024 10:03:00 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "02254467786da1:0"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK loading.gif
acikdeniz.denizbank.com/_assets/img/ 37 KB
39 KB 525ms
115ms Image
image/gif 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/loading.gif

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Content-Length: 37840
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK logo-light.svg
acikdeniz.denizbank.com/_assets/img/ 176 KB
179 KB 540ms
119ms Image
image/svg+xml 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/logo-light.svg

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1903672353"
Content-Length: 180545
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK world.svg
acikdeniz.denizbank.com/_assets/img/ 1 KB
4 KB 441ms
112ms Image
image/svg+xml 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/world.svg

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

d5b36f08a46e0a0ef81b828bb9d05df63f1f7391521d238b82c5c3ce31782b05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Content-Length: 1301
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK qrPhoto.jpg
acikdeniz.denizbank.com/_assets/img/login/ 12 KB
14 KB 455ms
117ms Image
image/jpeg 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/login/qrPhoto.jpg

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

cf33092752054c7e93201ebd484c7e47a194635120a46cc3786b4107195edf1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1770269844"
Content-Length: 11916
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
Content-Type: image/jpeg
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK denizbank-mobile.jpg
acikdeniz.denizbank.com/_assets/img/ 8 KB
11 KB 459ms
118ms Image
image/jpeg 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/denizbank-mobile.jpg

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

54e92ad9930ef375b8f4e1a1fe7fe5c86d43d7ad00a955c5df818e26489049b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="221306623"
Content-Length: 8059
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
Content-Type: image/jpeg
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK login-footer-logo.svg
acikdeniz.denizbank.com/_assets/img/login/ 2 KB
5 KB 114ms
113ms Image
image/svg+xml 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/login/login-footer-logo.svg

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1740091449"
Content-Length: 2239
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK enbd.png
acikdeniz.denizbank.com/_assets/img/ 4 KB
6 KB 116ms
115ms Image
image/png 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/enbd.png

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="613319431"
Content-Length: 3806
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H2 404 runtime.d949313c474aa6a36fce.js
howdoyounuzz.buzz/ 0
0 69ms
68ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/runtime.d949313c474aa6a36fce.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 polyfills.4e60b75154a5bfaca927.js
howdoyounuzz.buzz/ 0
0 70ms
70ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/polyfills.4e60b75154a5bfaca927.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 scripts.34112078f76353e93a6b.js
howdoyounuzz.buzz/ 0
0 69ms
69ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/scripts.34112078f76353e93a6b.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 vendor.d1dd02645ff1233eec54.js
howdoyounuzz.buzz/ 0
0 71ms
71ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/vendor.d1dd02645ff1233eec54.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 main.4007f495bdb34a7d6f6c.js
howdoyounuzz.buzz/ 0
0 71ms
70ms Script
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/main.4007f495bdb34a7d6f6c.js
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 Appsettings.json Show response
howdoyounuzz.buzz/ 808 B
501 B 67ms
66ms XHR
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/Appsettings.json
Requested by: Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:21 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H/1.1 200
OK id.html
analyticsb2c.com/ Frame A531 0
0 504ms
120ms Document
text/html 185.216.115.53
AS49126

General

Check archive.org

Show headers Download Go to

Full URL

https://analyticsb2c.com/id.html

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.216.115.53 , Turkey, ASN49126 (AS49126, TR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer: https://howdoyounuzz.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

CLIENT_IP: 185.41.240.21
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 13 May 2024 01:52:21 GMT
Etag: W/"WdILbMUjr-C5RCz7PdSKmKyegBXtDCcgkGpWdvfqcuUs-4AvN46w968fy+fLyoVQ7WFsBnBKbsiaa4kzqfrezhGdyj99KKo4wwGhBrhMQOBn1WjleNcvyS0kgom1"
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
content-length: 482

GET
H/1.1 200
OK spring.jpg
acikdeniz.denizbank.com/_assets/img/login/bg/ 325 KB
328 KB 133ms
133ms Image
image/jpeg 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acikdeniz.denizbank.com/_assets/img/login/bg/spring.jpg

Requested by

Host: howdoyounuzz.buzz
URL: https://howdoyounuzz.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

ca8e907c10b418e455dee845fb08993fa1f8edb7a3f890f7a19a8011e472ee3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:21 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-447276320"
Content-Length: 332970
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK opensans-semibold-webfont.1045337df148fc781940.woff2
acikdeniz.denizbank.com/assets/ 12 KB
15 KB 891ms
387ms Font
application/font-woff2 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/opensans-semibold-webfont.1045337df148fc781940.woff2

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

a085c2f1e7df8cdded779fa68b0ce2e0d31d3352ed8d8238cb540f35fa20cf0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css
Origin: https://howdoyounuzz.buzz
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:22 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-795931292", dtTao;desc="1"
Content-Length: 12676
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:57 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0:dtagent10263230921131557OYKN"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Timing-Allow-Origin: *
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK icomoon.dec58148a6d30404f2ff.ttf
acikdeniz.denizbank.com/assets/ 148 KB
151 KB 960ms
457ms Font
application/octet-stream 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/icomoon.dec58148a6d30404f2ff.ttf?hblziw

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

94a465998fa218c8818e3e07f1978e5e037eb39d1d40a58a48e54ae1b297e934

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css
Origin: https://howdoyounuzz.buzz
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:22 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="937458690", dtTao;desc="1"
Content-Length: 151924
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:57 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0:dtagent10263230921131557OYKN"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Timing-Allow-Origin: *
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
acikdeniz.denizbank.com/assets/ 12 KB
15 KB 892ms
389ms Font
application/font-woff2 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

be3979aa66ab98b74f4c323b1c194cba444de65913e489d5786e0c7fd8f310c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css
Origin: https://howdoyounuzz.buzz
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:22 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Content-Length: 12552
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:58 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Access-Control-Allow-Headers: x-dtc

GET
H/1.1 200
OK opensans-bold-webfont.7b013a3110831768093f.woff2
acikdeniz.denizbank.com/assets/ 12 KB
15 KB 963ms
459ms Font
application/font-woff2 195.85.255.15
DENIZBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://acikdeniz.denizbank.com/assets/opensans-bold-webfont.7b013a3110831768093f.woff2

Requested by

Host: acikdeniz.denizbank.com
URL: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.85.255.15 Istanbul, Turkey, ASN29434 (DENIZBANK, TR),

Reverse DNS

Software

Resource Hash

b582e5e36135cfe697ec9cfbb06ff7407a7d89a9e4a1287cfdd905cc3f9669e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self' https://.denizbank.com; connect-src 'self' https://.denizbank.com wss://.denizbank.com https://webstats2go.com https://.captcha.com; font-src 'self' data: https://.denizbank.com; form-action 'none'; img-src 'self' data: https://.denizbank.com https://.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.denizbank.com https://.netmera-web.com https://.captcha.com; style-src 'self' 'unsafe-inline' https://.denizbank.com; worker-src 'self'; child-src 'self' https://.denizbank.com https://.netmera-web.com https://analyticsb2c.com data: https://.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://acikdeniz.denizbank.com/styles.f5bca8c54bf65e617db0.css
Origin: https://howdoyounuzz.buzz
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=2592000; includeSubDomains; preload
Content-Security-Policy: default-src 'self'; base-uri 'self' https://*.denizbank.com; connect-src 'self' https://*.denizbank.com wss://*.denizbank.com https://webstats2go.com https://*.captcha.com; font-src 'self' data: https://*.denizbank.com; form-action 'none'; img-src 'self' data: https://*.denizbank.com https://*.denizyatirim.com; manifest-src 'self'; media-src 'none'; object-src data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.denizbank.com https://*.netmera-web.com https://*.captcha.com; style-src 'self' 'unsafe-inline' https://*.denizbank.com; worker-src 'self'; child-src 'self' https://*.denizbank.com https://*.netmera-web.com https://analyticsb2c.com data: https://*.youtube.com; frame-ancestors https://*.denizbank.com; upgrade-insecure-requests
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 01:52:22 GMT
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: unsafe-none
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1412059869", dtTao;desc="1"
Content-Length: 12776
X-XSS-Protection: 1;mode=block
Referrer-Policy: same-origin
Last-Modified: Mon, 06 May 2024 14:54:57 GMT
Cross-Origin-Opener-Policy: unsafe-none
ETag: "0cd165dc59fda1:0:dtagent10263230921131557OYKN"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Permissions-Policy: accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(self "https://*.denizbank.com"),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(self),layout-animations=(self),legacy-image-formats=(self),local-fonts=(),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),serial=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wake-lock=(),web-share=(),xr-spatial-tracking=()
Accept-Ranges: bytes,none
Timing-Allow-Origin: *
Access-Control-Allow-Headers: x-dtc

GET
H2 404 appicon.png
howdoyounuzz.buzz/_assets/img/ 808 B
501 B 67ms
67ms Other
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/_assets/img/appicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:24 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

GET
H2 404 favicon.ico
howdoyounuzz.buzz/ 808 B
501 B 67ms
67ms Other
text/html 109.199.115.176
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://howdoyounuzz.buzz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.199.115.176 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1825564.contaboserver.net
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://howdoyounuzz.buzz/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 01:52:24 GMT
content-encoding: br
last-modified: Tue, 16 Apr 2024 13:11:46 GMT
server: nginx
etag: W/"328-616367ae5bd52"
content-type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Denizbank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.analyticsb2c.com/	1970-01-21 05:18:21	Name: gcfids Value: WdILbMUjr-C5RCz7PdSKmKyegBXtDCcgkGpWdvfqcuUs-4AvN46w968fy+fLyoVQ7WFsBnBKbsiaa4kzqfrezhGdyj99KKo4wwGhBrhMQOBn1WjleNcvyS0kgom1

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://howdoyounuzz.buzz/ruxitagentjs_ICA2NVfgjqru_10263230921131557.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/(Line 59) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/_assets/js/analytics.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/_assets/js/gib.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/runtime.d949313c474aa6a36fce.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/scripts.34112078f76353e93a6b.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/polyfills.4e60b75154a5bfaca927.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/main.4007f495bdb34a7d6f6c.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/vendor.d1dd02645ff1233eec54.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://howdoyounuzz.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://howdoyounuzz.buzz/_assets/img/appicon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://howdoyounuzz.buzz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acikdeniz.denizbank.com
analyticsb2c.com
howdoyounuzz.buzz
109.199.115.176
185.216.115.53
195.85.255.15
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb
4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a
54e92ad9930ef375b8f4e1a1fe7fe5c86d43d7ad00a955c5df818e26489049b8
59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378
9435a777482021aa7f0bebb0531fddfedc5bdd89e24f0a50e634f1357f99d133
94a465998fa218c8818e3e07f1978e5e037eb39d1d40a58a48e54ae1b297e934
a085c2f1e7df8cdded779fa68b0ce2e0d31d3352ed8d8238cb540f35fa20cf0d
b582e5e36135cfe697ec9cfbb06ff7407a7d89a9e4a1287cfdd905cc3f9669e5
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
be3979aa66ab98b74f4c323b1c194cba444de65913e489d5786e0c7fd8f310c0
ca8e907c10b418e455dee845fb08993fa1f8edb7a3f890f7a19a8011e472ee3d
cbb84162ab4c1f3692727966592ad6b2b323adefdbccadd96ce6203fa675eb35
cf33092752054c7e93201ebd484c7e47a194635120a46cc3786b4107195edf1e
d5b36f08a46e0a0ef81b828bb9d05df63f1f7391521d238b82c5c3ce31782b05

howdoyounuzz.buzz Open in urlscan Pro 109.199.115.176 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

979 kBTransfer

1544 kBSize

1 Cookies

3 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

12 Console Messages

Indicators

howdoyounuzz.buzz Open in urlscan Pro
109.199.115.176 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

979 kB
Transfer

1544 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!