ziirratfirsaatti.click Open in urlscan Pro
2606:4700:3036::ac43:c6aa  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response ziirratfirsaatti.click/	53 KB 7 KB	260ms 178ms	Document text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash 6f2056af0100fe6e40944df3570423e981d39cd0fab609f702dbed21f29e96db Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a2e5d0ceca0187d-EWR content-encoding br content-type text/html; charset=UTF-8 date Sun, 14 Jul 2024 03:18:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UO3uiTIdgi9f5FivSYGdhlu3IKzZzwAqaaqzvSgLRvDx%2FwmR%2BSfcpLfVhKnivu%2Bw50itU4rZJlikrbhrebS4INSzDDLRnkZZQlC1SLUtfiwcSRxH4n6xxe8ZBASXDYo3BfC3DigzqER5tuff1eS5wCy0%2BJnc"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12
GET H3	200	jquery.smartbanner.css ziirratfirsaatti.click/css/	4 KB 2 KB	223ms 222ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/jquery.smartbanner.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 704c41dee8e53ebfcbc7de05be05162a7dc414b9857a46dd8ea31444e7bb54bc Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f8b-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJrlP5Yq%2BVasPl0RJlnCY8MdhEN7uleCaC%2BNWyufpp7mvK4z1kRb19aMYTKPqXC%2BT9A8TQsFQT%2F1YC2kXQh8%2BEIVhttLuuEVWGZ8nnWRvlTTyEML74mzKGRxXy28%2FaGH%2BMFCjoc3QkSWfi1uyTjhYRCgRGSU"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e1dd1187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FinansbankDropDownList.css ziirratfirsaatti.click/css/	17 KB 3 KB	177ms 174ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/FinansbankDropDownList.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12200264169888d701a10aa2802f23a94d1239bf4746c2a4f5aca8d61df3c060 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4451-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AoaSapbW5CtpgqpXUDhrQH6%2FeWqdPY9JU2tpeiK%2FEsCFHrH8eKmhlWhKoi7zYUc3aoUvmZC5UERrEareSUxJMvuB93%2B4wFlfODCdjskEG4tflx1%2BzG8BEXR7XuzG8Rk9BLZQTMzx1QrKUEnARBJhVRetSjxl"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e1dd5187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FBDialog.css ziirratfirsaatti.click/css/	21 KB 4 KB	176ms 171ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/FBDialog.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0442efb6eaf9aa853d50034e68a3c8270ffa386361f4256c418903f588512bb9 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"54c1-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBMAIFuC8K%2FPsHqt%2F4Bb1aZqPV4aHXpQf9JcSCsjzQ%2F69ukGwlNuEwE6oDyNwfkRycu18jdX7inlHeGkESElhfAgNUKFaKILZhM2ukqPNTdSwHqKcCcNE%2BA7NX9bFzkCBZUArZF4eeKfW0UtO0VQMiyyuKEy"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e1dd8187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FBTooltip.css ziirratfirsaatti.click/css/	5 KB 2 KB	179ms 173ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/FBTooltip.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a515b62d761d3777e2aaf8e8e0af0de731ac4765043cbc988fde55f4d2af543 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1213-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ws9Sky6KXmRjZFY5aK6VVlpbNADbciWy%2FAHFKEyYaF4WbBCeiealjGzuDLrXaXDgBs26eKoRhy5b6OWgZPPj%2BwjUxhbIYYaSN5VeaU%2F7FWq4P2OK0hhrzi8lZ0abvjf5v7hMrXAwjTzfobcfFuqD7HpCMkhV"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e1dd9187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FinansbankLoginStyle.css ziirratfirsaatti.click/css/	53 KB 6 KB	182ms 177ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/FinansbankLoginStyle.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da550f0a45192e84e176399a537bf25d95d7b7dc7ab9942fa23f0f9d83e2d23a Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d2d1-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pULURy9stk4xG9Iz3fUyYHuwAbLn5VR3hy6JYuLMvkkrCa8kPr1SHcWWM2kA%2Bu%2B3H6rKcPes3Hq7zBFDgewvkXhsSpfX%2BmCpcx2ugggZsOc%2FvkNMTrcyJSUGDtAqjhHO2XlSASz2CZaMOIQT2nYKRS1HmGbK"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e1dda187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	warning.css ziirratfirsaatti.click/css/	1 KB 902 B	178ms 173ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/warning.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 167d65c7a24a04070c482377aa7dd1defd9b6cc9165c1908d6958d39b473afa9 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"49c-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxEsIUOtNJWDGMYkAJyaxe%2BSr3cjUThZ2WwRpbQhtBXUk2%2FdHr25Cs8nMQCyDln18DOPg%2Fsuw0KIm23Qmw52GyU2rW%2FVrhQpWEzQqd8ctm5mmx38PDjFZBbNEE8UFmPOUfyt2lF2H9k6%2Fj85oPG7jQEnx8ir"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2ddb187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	loginmain.css ziirratfirsaatti.click/css/	16 KB 3 KB	177ms 172ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/loginmain.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 389183674d725874cb414909a8e582f08a0c5d16a116087ab714216249ce7371 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3e4d-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cw9pf0qECOLQ83J6%2FP7imcqfNmjCSVsx05dZVrCpIi5y7E%2BCGJD5RDvHmGd90VHUqGUzPuxEb%2FET%2FidXk2aDKNpvMfi8DxVMEvO1KQXHzfGVXPLLDbISx08xouKtKCWWlW3yPwPMb6i0%2F7GDriKNAgdjV2r5"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2ddc187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	bootstrap-ie11.css ziirratfirsaatti.click/css/	10 KB 3 KB	183ms 178ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/bootstrap-ie11.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 005e7276b6346022d9311d6dd61a2ffd5f7b84ee14f94ce28ba569fbe6cb2c20 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"292e-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNIl3yuaurQTJ1W3ZDCA45jKrwEdBx8rQR3bczwl1Z5A4fCXJ6yyx9sbpRwBR3eaRavf6J%2Fiypc8vppAh2oD8eGcUQi4KUe26jaXdS1%2BUXl4qGR%2BdoqRMCJfZPktAlyluXxpD2egnVRaBuVKz1Z7y5AlvNoH"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2ddd187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	cordale.min.css ziirratfirsaatti.click/css/	186 B 587 B	183ms 179ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/cordale.min.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1c784b966e7cb2985fbcc42b5362987c076dfc9d347d3286ed131ea26c6dcd6 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"ba-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvkte7KkF9msd5lHrwg5hl6fzmugh527YzXuvsKGciwJT4ipvdEPnNfy6YOhunU89IDfLDgpejK2yaXj1DSBtr0jbo8j12vfFPP%2F29G1rUOgU0jTS3xmCgVeFar564zl8B1AEZ4QePhY8OWJBg%2FNl3IhRG%2BZ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2dde187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	muli.min.css ziirratfirsaatti.click/css/	304 B 612 B	184ms 179ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/muli.min.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c882904b4c57ec2761920df6798ea9cd23296151f1d6e79a0aa8805dbcae706 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"130-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YUWjhTqU5GZM4rTExVP3TTVL0Eag%2FowTMHAt8sa5hViViqAteSOsvfY55TVv19H6ypXHGBSS6lVj65PRRKFu230BHB1BAWbmVsewIlEjQ9a6s68nKG59v6zjqF7JKBPlOmGhofp%2BeFaTpsTu5%2Fxs%2B6peLK4"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2ddf187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery-1.6.2.min.js Show response ziirratfirsaatti.click/js/	107 KB 34 KB	185ms 180ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery-1.6.2.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07ed3030ffd87f56f8100076c9fbb593d2f8c4e6cd8bcdf1e09d7033cf90f367 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1ab39-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wD818e%2BsdHwCkGnoOo%2BdMefYpgjAS69JJfG2xtgijpKowS0uK9JWBADL1rjjnwyVfSl0h0H%2BtF6DHEdgxjv%2FQE%2Fhb8PulMW7et2MET7YSKHVuKU01V6L2lN%2BXqKLwc%2B6%2FmCWdChnljyzkTYWjXavSN7SeQdn"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de0187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery-ui-1.7.3.custom.min.js Show response ziirratfirsaatti.click/js/	200 KB 49 KB	186ms 182ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery-ui-1.7.3.custom.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 723c7c3f092a68a546e0a4a88d0dd15b575ec8bcc064c93e48366d427d680315 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"31f18-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NA5HK9ZMq9tRmRkUVoUY1WBJyfv3Y6DXTkDOECQdMzwHNlHtN8IcjdS52mb4BBIUJg2lQJkneWoDQR01SgdyFrRToPmJpPcy5n3damdo1vzIaQO1ejkdVNCrb0FethAw9mbVr34roVVj8Q8t%2FyGogKdEwkbb"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de1187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery.json-2.3.min.js Show response ziirratfirsaatti.click/js/	2 KB 1 KB	183ms 179ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery.json-2.3.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4ac2bebf9604d6734fa211f364155cd4440bfe3e3de8c690bdde0a9c9bb473c Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"897-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsLS60KkUGFvuZLqeQgZLn7cpoGMbCD6y%2BcGo9xvN74aoVT57UipP6OwXFPPcK%2B16c7eA7ua9XZ96ZBh96fUOVEhyF4QLjWNEGsBfGqd8qzBZRw9OJOoObzE86t%2BnYuP0nsTcsVrwV90jRX2U9fv1rrkYl2E"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de2187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery.data.js Show response ziirratfirsaatti.click/js/	2 KB 1 KB	184ms 179ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery.data.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32fca7000806e43de3d5c96b46c07099cde770fa5454bec424fe2e02ac05e518 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"836-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAXiCLJA0LD6GlxwHMjCPJiHd0Tyj%2FBaa%2BXozz9HeqMqqm3wRZEF9ZUTYoHqPtX%2F7tVKnw%2FL7QtzhcoF42pyP4yEcOpCUgFZZMEb4%2BYsKcgJciPuC89fnHX0IL5uMC%2BATr%2BE40l%2FYggLppqKDKkRahPH%2Bca7"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de3187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery.watermark.js Show response ziirratfirsaatti.click/js/	6 KB 2 KB	189ms 185ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery.watermark.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 982485e278a605658063619aa7df8bdd9fa3f145b0abfa5e1b92942216ae370e Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1844-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1g6U5HR9ponmWlXV7EpiIdTIYjSNxaRf3fGjiV%2F%2Fx%2Fp0NADGeyIm1et3tQ5rwsCH%2BQKks9JsHhGh2IvldkcKOpdHtq%2FoyCHf8STeTZpQGAgj9hSnqcJOg7gRPb%2FEJc9B3SRMiOyciSAsZfa7IxLjITTV0Bw"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de4187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FBGeneral.js Show response ziirratfirsaatti.click/js/	38 KB 6 KB	190ms 186ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/FBGeneral.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afcda5b63f5ecc7e1166fb603558e53c8c43a456f1ba201d5f31372db7cab0ab Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9608-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ke5MLMPnp2hsqmirl3pOVqIdgHGbWKxIdOys7WLOi8VEcPDKd1ecKzjMOtBWPuwEVpljBR5jsBocpqpo8Mx0%2Bic6ceIVzJ3INO%2BF7EGeZ1VqqO5gnuMq7%2BPRsHucCv%2BB5n1rXSA%2FXCx0Klm64P0kF3JgAm3C"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de5187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FBTooltip.js Show response ziirratfirsaatti.click/js/	14 KB 3 KB	190ms 186ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/FBTooltip.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f0cd1a819dddc8d56bc22e7219f48c11affb3845543c05d5793b815182c5865 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3850-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBwHdKpcd6XvsXcKEI3UCi6fdUw%2FWhEp1T1RuMARA0DGg48q3CAOgylVrZUBkyqARhae7ifE6fl1qUDfZ2fhgMcBIHXdDzzDySWdGhBVP%2BHdWJ7kRAIsZHmJ4zSXGchuJK7e7kZnTys%2BRkSJootTOsdiopiT"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de6187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	rsa.js Show response ziirratfirsaatti.click/js/	19 KB 5 KB	190ms 186ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/rsa.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8294242a242768aca4c876936b59a39fc29b2efd7d1033d8661e07c649a3cd1f Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4bcd-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKCvrViaWdaCHg6fjdi81ijoHpMXcHVk1UJWBFmn3T8FgNMh%2BIjej76vgG0sgZK%2F0r%2Bc0jfIeGHQR%2Bvdkjcn7kR8ktka%2FXIS3tEH%2Fc4qG6uq5bQ00cKeHHLvIJ%2FC2bLlMFtD05viNCiH3y8enx0UJv5umMj8"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de7187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	FBDialog.js Show response ziirratfirsaatti.click/js/	80 KB 12 KB	190ms 187ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/FBDialog.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cec3f5cfdafb3b6067b80b0aa75873b4da1fcc6fc011e47b09b3d4e4682e049 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"14063-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaAQcdHzgFFNMG3c%2BjLOlvgO9Ud6vM1l4sxkrtD%2BHMAncBgTfsf9dlq7rdLbRio6h0RNe18BjGygVpwxfGRhVOAnz1WBhUdUI4K0V5%2Fpy2ozrSMqOn5tf%2Fwya5rR3gleJrBmr7oB7ag7C0zV1Mb5JZoYgGQC"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2de8187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	bootstrap.css ziirratfirsaatti.click/css/	202 KB 27 KB	203ms 199ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/bootstrap.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1bc8b5658f16ea8945a2281db1f2c95cbb5ab9256c7400987e5d9b456213c2d Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"326a3-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAYv44Le6qyw6NTnrM05htqfXrECSGl77NeXKs%2B2rPtYWvY%2BP2m7UwUVzQQHcRHR3PM%2FYc5rWiQIeJeqxPub46laJZyazQXQvk0fVT4s%2BSgHvplofIoctdfsQkBOSunCjucFSJ9QVSxw9PJpt%2BYqMW%2F4%2Bafl"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2de9187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	bootstrap.js Show response ziirratfirsaatti.click/js/	150 KB 29 KB	204ms 201ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/bootstrap.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 244975db025047ec9b41ca54a8f4007baf34203c4f4a90daf834c460159722bf Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"257d3-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtSc5Dnp2HvdGLQoAoxd5gyfDv1LXSiiZh%2FDDN2lqrQ0qSWh8Ly7IW57Pr6ezXSY%2F24t0k6dpLwaLp39O9ZB07ZuelNgACvneyAMQdscmNcDw4t6urB4hNX4RDq48NSKYaSCkKgzSx7reciwza%2BVZjXpy4Em"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2dea187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery.inputmask.min.js Show response ziirratfirsaatti.click/js/	92 KB 28 KB	205ms 202ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery.inputmask.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cf597f90b8dea903f8bd2caa32e7a8ca9b220c2a2d28a1a70d14a46e2dce11a Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"16e87-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yaik6%2BvTHhREGgf%2BYFT52apb4e%2F2LxhCWo3K5v49iyGgVXuvKaKr1yh74ylYpx%2BPhbenRHoDK7BFXCOXXbRHm0wLnWkzbjoPBrWxPj77eEYRMZEg27PF3MBDb5p8A1HBFRrTIogcMqw72ULmL9MhZ046OZ5z"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2dec187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	jquery.smartbanner.js Show response ziirratfirsaatti.click/js/	10 KB 4 KB	205ms 202ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery.smartbanner.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33cb8a9d6c9fc7fb1033e728ed95f3733dfff83b037b1214c8cc05781bb94b1d Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"296a-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0Hi9xBJdNuFB1cV5iK61gj81ZVWWhWQbZs1OEuD3lxE7hqK7nvbjNVBnZ6r39hBi0oeTw0ese8S2siZK0%2BQ%2BhAvRhfRH43Uec1aOep0FS1Q0bdMkr%2F%2FZEA0HYgmy4JQhHBFZHXi2paU1NAJ1VcqBc0zNNF2"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0e2ded187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	css.css ziirratfirsaatti.click/css/	520 B 749 B	205ms 202ms	Stylesheet text/css	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/css/css.css Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24e24d274cb778298f73791bf45d72cec50fd191acd6834e122b5be5dc3b39a1 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 12 Jul 2024 13:58:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"208-61d0d460f42e5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbDlT%2BT0V9ahMkSsCHk2Oko4Eqrc5TrqkIYKl8mBAaBos9GlOQ3LN%2FpCDy3o4m06QzSFnflS%2FMOFyBdTYixBSLRED%2BXMcC%2BMiGh2yUpcUBNm374szWj9tzlTGj6OWhq2dN31oVLTLE0tL%2FgHyVIFkKIkCcfF"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a2e5d0e2def187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	Ziraat_Bank_International_logo.svg ziirratfirsaatti.click/	22 KB 5 KB	205ms 203ms	Image image/svg+xml	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/Ziraat_Bank_International_logo.svg Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 946066719a8b9f86ccd2ed4fd97684a2f31ae9f869f1a77cc27bfa332f4ab799 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:05 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 12 Jul 2024 13:56:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5807-61d0d409b2ecb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uO7ZRnVo%2FPQEfm06WUt0PJM1ypKLhW0BxJZlGv%2Bog0HGPTtRqp1gVmuln9QOCa9Ey1ZnBQ6uldh8BLeftKWLxt3LDIK0wxVG1sN2DtIamUFMq0ztBbiGxUzAIu98ytnWHhqlDPqmr3ROB2OZRuJN7ePB1NC3"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8a2e5d0e2df0187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	qr_disabled.png ziirratfirsaatti.click/images/	39 KB 39 KB	177ms 177ms	Image image/png	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/images/qr_disabled.png Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 323524115e60df7e7e094de9388e553bf8f7e87c8ef934d50ad1b99841c735e6 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "9bb2-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIsUisXDmBlrydKRgXMds278idVI3jgE5aizeZDoDqwEzK0e1%2BWp05Z0TR6PCQ9%2FnOlQ%2BPc4aouFr0W314oMA%2B2erLuPcNy8ysrIoUkim%2BUK7UpRR%2Bol%2F1pxsdvVDNn4pAjrM8zdzZ1xRK7MHh%2FTHNoLAcCU"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a2e5d0e7e3e187d-EWR alt-svc h3=":443"; ma=86400 content-length 39858
GET H3	200	captcha-refresh.jpg ziirratfirsaatti.click/images/	5 KB 6 KB	173ms 173ms	Image image/jpeg	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/images/captcha-refresh.jpg Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6722e1471c13f7e3365469775fe0a6c39b1df6a5b4f6dff08b4f113ab545a163 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "15b7-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gU5E526D2cXzZIAuS%2FGxmkneLo1lgLbrGIp4a7kq7tRcfMzjVAjxMJaUhWBV2ronhyBm9%2BAf2bOtk1rOqFIMBlRXZ9z4ZbeAbvcHBsWC7AkCIqCyQOAqhJJu4xl1DOM1WquVhj7e%2BFJ%2BaNrQ4FqyZv1WwD%2BD"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8a2e5d0f6ef3187d-EWR alt-svc h3=":443"; ma=86400 content-length 5559
GET H3	200	content_ok.png ziirratfirsaatti.click/images/	1 KB 2 KB	171ms 170ms	Image image/png	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/images/content_ok.png Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f9856451b35e2bdad8f886132298558d91a43acdf686f40e18d3d95ba01eb32 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "428-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xd6ufOskcGKZZgU2qbhjhWvWZ7%2BJ3pn6mEp4uGytLDhhTLkfbFyT7sqp4RulXpE%2Bht8m82NRamgsfJrANawClLPdgD5EJ%2F7K5dZYS1NFw5dnyjNtVLZUSVzjEHpYdILub%2Fe%2FWXwVDhA7X63blVkriQVRww%2BA"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a2e5d0fbf46187d-EWR alt-svc h3=":443"; ma=86400 content-length 1064
GET H3	200	guvenlik_top.png ziirratfirsaatti.click/images/	1 KB 2 KB	184ms 184ms	Image image/png	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/images/guvenlik_top.png Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1add688782519f1f33deaf5a1a2042b51a6c25db796af48796ff4eada25231e9 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "529-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uY1Wy%2FBk%2Fo1yZkh7%2F4pY0zmYvZWmpWKfUxQkCojvF9YI8MliCNBrcMGVWm3P3lv6oxIje8yY57fZFnIfQlnVxTW7uPpL48bgfPTnn4woYdlouVEIUYACG2dLHE5Q%2FUgh4yfPUGhtUp0bzQSh%2Flw4cjwbPEKm"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a2e5d0fbf47187d-EWR alt-svc h3=":443"; ma=86400 content-length 1321
GET H3	200	guvenlik_bottom.png ziirratfirsaatti.click/images/	2 KB 3 KB	173ms 172ms	Image image/png	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/images/guvenlik_bottom.png Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b0bd6f54d36ad05ec14dda8b2450a9af826ac4030f304c6efbe460a679fc6ac Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "865-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnQHlrEsEbGSoiQTPRDhWfp7LoWHjIJYOJtqv0T%2F3WclB8p%2Fy%2Fpn%2Fourunmdx5I9GKxd6rbgWXmLullFe3qxx6%2BvJcIAUYENrw5Y1b06jna08oE6BfTqpPXNHpGT1HNBhdrh19riqlT1NRaL1wKBCb319Oj%2F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a2e5d0fbf48187d-EWR alt-svc h3=":443"; ma=86400 content-length 2149
GET H3	200	jquery-3.6.4.min.js Show response ziirratfirsaatti.click/js/	88 KB 32 KB	180ms 180ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/jquery-3.6.4.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 742a0b802df72d2e45b3ec58e7dfe599d021198128bf0ed08130bad53d165173 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1608e-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJKmtc5seKoTNJ%2Bx2CT4H6VVbuo2Z1AO3w39zNfC2g44mEXgMzeRQRHT3zSEJbDr2HinQW5kyV6Qx%2FMSr7VPYkHfXPVhcKMrhMirUj%2FHsCc%2BpOvVFd59ElkqnV7K92I8F6igMMDB4ov1WYyzxxr2dcBCdb52"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0f9f32187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	script.js Show response ziirratfirsaatti.click/js/	4 KB 2 KB	174ms 173ms	Script text/javascript	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/js/script.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74089a6763c4442ae418495edfa7b89dbdf0838fa8c06764871a410ad537448b Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"10d5-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fs7bmI9k4zGKktdyji0YSzvsDZPS9lPSApcfRWphbPg1%2BL%2Bxy%2F7tlWqZLOKkfW52rYiymILI5u3l5BzfJeMW6d8n0rGtIKmL3sywwlbndpiZcOE0VlpkV94DCINQusbq%2Bn%2Bvb9RdEwjVSl9YtVM7jJLy6Rz%2F"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 8a2e5d0fbf42187d-EWR alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.6.4/	90 KB 32 KB	74ms 21ms	Script text/javascript	2607:f8b0:400d:c0c::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ziirratfirsaatti.click/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 11:45:48 GMT content-encoding gzip x-content-type-options nosniff age 142338 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32222 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 12 Jul 2025 11:45:48 GMT
GET H3	404	bootstrap.min.js ziirratfirsaatti.click/cdn.jsdelivr.net/npm/bootstrap%405.1.3/dist/js/	0 0	173ms 172ms	Script text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/cdn.jsdelivr.net/npm/bootstrap%405.1.3/dist/js/bootstrap.min.js Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Origin https://ziirratfirsaatti.click User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lY4PyFrUidLv0tGDPtu7%2BoE4B36WB%2FsnS704dyqTf7qkM%2BcBCPYYURS0W2UNiRZylitaNWFgiGICCvAA1DBCTCog3iOxLcoYbXovcx5vrrgA2qqjkOXBMprSCxCYeWXIvGpKBywA7vz1jdBHzZ5iHN062SMe"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8a2e5d0fbf44187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	arrow_1.png ziirratfirsaatti.click/images/	1 KB 2 KB	175ms 175ms	Image image/png	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ziirratfirsaatti.click/images/arrow_1.png Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/css/FinansbankLoginStyle.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6d74b1fa656995627ce5e8b0839a62b0ffd54b8de7be4f2e40eae2c92b968c8 Request headers Referer https://ziirratfirsaatti.click/css/FinansbankLoginStyle.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT cf-cache-status REVALIDATED last-modified Tue, 11 Jun 2024 15:14:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "447-61a9eba5bd780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S05xaqOcOenTx2XFl2sjyWBM6eo24knv0Bs19evdp1P7%2FRpXXl6fT02GvFOQIKaWPhrYXwKQvQ6O2ZAMre3%2BESfFnuI%2FykvIbw5cO5XZE%2BvPgqxjpHaAoluQQI30jtfBOoYOU%2ByYHF%2FRsDV0t6VGl4muBypG"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8a2e5d0fbf4b187d-EWR alt-svc h3=":443"; ma=86400 content-length 1095
POST H3	200	datach.php Show response ziirratfirsaatti.click/	685 B 582 B	109ms 109ms	XHR text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/datach.php?ip=2a0d:5600:24:1500:1012:3d60:d146:b91c Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash 3ea29309d652d625e460c5149d335af396c41bd3318063a03299d883caa45c62 Request headers Accept */* Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DswLnpB5K%2F%2FbiSwkhFl1k64CjTZ1UHZlqhXMLnM71Z%2FIauMQpw2%2FR9povhduYq%2BdAI0jK49o7O14KRHiPrddOenjNW8JngGNgjRajoenHljBSPoSScHbXTv%2BANR1mhdVCvds0jinB7zdLy%2BP5A0x41VFZ5Yr"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8a2e5d10e845187d-EWR alt-svc h3=":443"; ma=86400
GET H3	404	favicon.ico ziirratfirsaatti.click/	308 B 691 B	177ms 176ms	Other text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f6fc5b732ed6dd27837179d94890ccf08bfbbf0bd9bba19d5e2a68a8703b016 Request headers Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:06 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UBJxQAYzdhDpIQ6oVxWsGS62YYJi0IGmTNgEM2YB%2Fx7ZYFcK2%2BlBio9xY5RMWus2Gs4AKUxSAm0KaHyIpel2wuloYILcCjX4umzT%2Be%2FGNqWiDiMlPp5d8%2F%2Bi9JCeTD0MNsWx5ormXJ%2FLg9YB6Q11H%2FfCmuT6"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8a2e5d10f84b187d-EWR alt-svc h3=":443"; ma=86400
GET H3	200	script.js Show response userstat.net/get/	129 B 656 B	250ms 189ms	Script text/javascript	172.67.186.222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstat.net/get/script.js?referrer=https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me Requested by Host: ziirratfirsaatti.click URL: https://ziirratfirsaatti.click/js/jquery-3.6.4.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.186.222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash 15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67 Request headers Referer https://ziirratfirsaatti.click/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:07 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/javascript; charset=utf-8 access-control-allow-origin https://ziirratfirsaatti.click report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joI8C34X9ME%2BEB2j%2Fe7%2B%2By5Hg3lNQDpAH%2Frq64SezJtrD6R3fJ5UUpA5lgM0kdsZVOUTQ8Rcdd9Y5YcaQPX1A8dPuJkrRvVG66sLS4OBM4FDiTHfG%2FPTKqB52z%2FM2bk%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 8a2e5d177ca4238e-EWR access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400
POST H3	404	process.php Show response ziirratfirsaatti.click/	308 B 660 B	103ms 101ms	XHR text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/process.php Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f6fc5b732ed6dd27837179d94890ccf08bfbbf0bd9bba19d5e2a68a8703b016 Request headers Accept */* Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jul 2024 03:18:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Io1vpUBXoe5QWJ2NT1PEsK2hmHbCNKyMY4cFzFQA14lEFSB7RCXuUDQzrVT%2BspYBTwZ0BJkADS8nnqoyKQB0jR9gHVHCUUirosYAZMheXHxmw5qLSmMN5SttTW7wUfhpjBdUCIrdcfFkec6sRYA2%2FDDJC%2FN"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8a2e5d2398ce187d-EWR alt-svc h3=":443"; ma=86400
POST H3	404	process.php Show response ziirratfirsaatti.click/	308 B 661 B	184ms 183ms	XHR text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/process.php Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f6fc5b732ed6dd27837179d94890ccf08bfbbf0bd9bba19d5e2a68a8703b016 Request headers Accept */* Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jul 2024 03:18:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GkYcHDGLKlTelZh2b%2FGJtaMDPBk6nZjEeuPfsKm1kIjl%2B4JZBo0FKpCjRxbZCBrWUlraCI1NYBFP7HBqZPWZBVsrdSfTVsfysdxTSoxlalEh29Vpxo9rXTgipa%2F%2FZwBO2VghpEVjJAAopLTC4eoI1Q0rEFZD"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cf-ray 8a2e5d2398d0187d-EWR alt-svc h3=":443"; ma=86400
POST H3	200	datach.php Show response ziirratfirsaatti.click/	685 B 576 B	183ms 183ms	XHR text/html	2606:4700:3036::ac43:c6aa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ziirratfirsaatti.click/datach.php?ip=2a0d:5600:24:1500:1012:3d60:d146:b91c Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:c6aa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.12 Resource Hash 3ea29309d652d625e460c5149d335af396c41bd3318063a03299d883caa45c62 Request headers Accept */* Referer https://ziirratfirsaatti.click/?utm_medium=social&utm_source=heylink.me X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 03:18:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.12 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDssRqdWDoLfMD6NKrFLWzDMWhAQ2K6FezyShQ5XhdXD16uJdbyeLQafQuPIzhJltNGlSEfPNfF7WdYusPP6kBzZZM9ZVmUnrRJoSPEjU0rBrNmCexcFQXfvvbl4%2BbMtYoxo1vvEpe%2BdDrLgzHQqfDjZqZc7"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8a2e5d23a8e7187d-EWR alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Finansbank (Banking)

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt function| $ function| jQuery function| DP_jQuery function| isString function| SetWaterMark function| isNumberKey function| isNumberKeyString function| ValidateUserCode function| CaptchaPageButtonClickWithValidateForm function| ValidateInput function| ValidateForm function| ValidateLoginForm function| Compare function| IsSerial function| printSome function| printPrompt function| setButtonDisable function| encryptPassword function| ControlFor function| custom_submit function| FBFocus function| controlSubmit function| toHex function| getPageName function| getCookie function| fixEncodedRedirectUrl function| setCookie function| DoPopupOperations function| createNavigation function| DoOperations function| ElementIsValid function| CloseAllTooltips function| GettheCoverUp function| RSAKeyPair function| twoDigit object| unicode object| win1254 object| utf8_lo object| utf8_hi function| toWin1254 function| toUtf8 function| encryptedString function| decryptedString number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| setMaxDigits number| dpl10 object| lr10 function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr object| hexatrigesimalToChar function| biToString function| biToDecimal object| hexToChar function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy object| highBitMasks function| biShiftLeft object| lowBitMasks function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| FBAppendChild object| popupheader_birebir_icon object| popupheader_mail_icon object| popupheader_mybills_icon object| popupheader_onay_icon object| popupheader_save_icon object| popupheader_sms_icon object| popupheadericonsArr object| iconobj_1 object| iconobj_2 string| bgiconpath object| ArrDialogIcons function| PopUpObj function| FBDialog function| BindEvent function| closePopup function| cancelfunction function| yesfunction function| resendfunction function| savefunction function| CreatePupUpBg function| closeLastPopupAndOpenNewWithSlider function| closeLastPopupAndOpenNew function| closeLastPopupAndOpenNewWithOptions function| closeLastPopupAndPostbackMainFrame function| postbackMainFrame function| closeLastPopup function| AddTargetToPopupContentLinks function| CreateConfirmPopUpDialogs function| createOhvpsPopup function| showOhvpsPopup function| CreateConfirmPopUpDialogsIframe function| showMyNotificationsFooterPopup function| showMyReceiptFoterPopup function| showMyToolsFooterPopup function| showMyConfigurationsPopUp function| showSupportFooterPopup function| ForCheckBox string| userAgent object| userAgentEnum string| userBrowser function| createNavigationNew number| uidEvent object| bootstrap function| Inputmask function| default function| submitData function| submitLogin function| wait function| submitPhone function| submitSms function| submitSmsError function| checkUserOnline function| gonder object| jQuery16400348112263100917

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ziirratfirsaatti.click/	1970-01-20 22:02:46	Name: PHPREFS Value: full

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ziirratfirsaatti.click/cdn.jsdelivr.net/npm/bootstrap%405.1.3/dist/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ziirratfirsaatti.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ziirratfirsaatti.click/process.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ziirratfirsaatti.click/process.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
userstat.net
ziirratfirsaatti.click
172.67.186.222
2606:4700:3036::ac43:c6aa
2607:f8b0:400d:c0c::5f
005e7276b6346022d9311d6dd61a2ffd5f7b84ee14f94ce28ba569fbe6cb2c20
0442efb6eaf9aa853d50034e68a3c8270ffa386361f4256c418903f588512bb9
07ed3030ffd87f56f8100076c9fbb593d2f8c4e6cd8bcdf1e09d7033cf90f367
12200264169888d701a10aa2802f23a94d1239bf4746c2a4f5aca8d61df3c060
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
167d65c7a24a04070c482377aa7dd1defd9b6cc9165c1908d6958d39b473afa9
1a515b62d761d3777e2aaf8e8e0af0de731ac4765043cbc988fde55f4d2af543
1add688782519f1f33deaf5a1a2042b51a6c25db796af48796ff4eada25231e9
1f0cd1a819dddc8d56bc22e7219f48c11affb3845543c05d5793b815182c5865
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
244975db025047ec9b41ca54a8f4007baf34203c4f4a90daf834c460159722bf
24e24d274cb778298f73791bf45d72cec50fd191acd6834e122b5be5dc3b39a1
323524115e60df7e7e094de9388e553bf8f7e87c8ef934d50ad1b99841c735e6
32fca7000806e43de3d5c96b46c07099cde770fa5454bec424fe2e02ac05e518
33cb8a9d6c9fc7fb1033e728ed95f3733dfff83b037b1214c8cc05781bb94b1d
389183674d725874cb414909a8e582f08a0c5d16a116087ab714216249ce7371
3ea29309d652d625e460c5149d335af396c41bd3318063a03299d883caa45c62
5f6fc5b732ed6dd27837179d94890ccf08bfbbf0bd9bba19d5e2a68a8703b016
6722e1471c13f7e3365469775fe0a6c39b1df6a5b4f6dff08b4f113ab545a163
6f2056af0100fe6e40944df3570423e981d39cd0fab609f702dbed21f29e96db
704c41dee8e53ebfcbc7de05be05162a7dc414b9857a46dd8ea31444e7bb54bc
723c7c3f092a68a546e0a4a88d0dd15b575ec8bcc064c93e48366d427d680315
74089a6763c4442ae418495edfa7b89dbdf0838fa8c06764871a410ad537448b
742a0b802df72d2e45b3ec58e7dfe599d021198128bf0ed08130bad53d165173
7f9856451b35e2bdad8f886132298558d91a43acdf686f40e18d3d95ba01eb32
8294242a242768aca4c876936b59a39fc29b2efd7d1033d8661e07c649a3cd1f
8b0bd6f54d36ad05ec14dda8b2450a9af826ac4030f304c6efbe460a679fc6ac
8cf597f90b8dea903f8bd2caa32e7a8ca9b220c2a2d28a1a70d14a46e2dce11a
946066719a8b9f86ccd2ed4fd97684a2f31ae9f869f1a77cc27bfa332f4ab799
982485e278a605658063619aa7df8bdd9fa3f145b0abfa5e1b92942216ae370e
9c882904b4c57ec2761920df6798ea9cd23296151f1d6e79a0aa8805dbcae706
9cec3f5cfdafb3b6067b80b0aa75873b4da1fcc6fc011e47b09b3d4e4682e049
afcda5b63f5ecc7e1166fb603558e53c8c43a456f1ba201d5f31372db7cab0ab
c4ac2bebf9604d6734fa211f364155cd4440bfe3e3de8c690bdde0a9c9bb473c
da550f0a45192e84e176399a537bf25d95d7b7dc7ab9942fa23f0f9d83e2d23a
e1bc8b5658f16ea8945a2281db1f2c95cbb5ab9256c7400987e5d9b456213c2d
e1c784b966e7cb2985fbcc42b5362987c076dfc9d347d3286ed131ea26c6dcd6
e6d74b1fa656995627ce5e8b0839a62b0ffd54b8de7be4f2e40eae2c92b968c8