www.bahaxasdfhb.click Open in urlscan Pro
2606:4700:3030::ac43:cb59 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bahaxasdfhb.click/
Effective URL:
https://www.bahaxasdfhb.click/
Submission: On May 15 via api (May 15th 2024, 11:39:50 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3030::ac43:cb59, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bahaxasdfhb.click.
TLS certificate: Issued by GTS CA 1P5 on May 15th 2024. Valid for: 3 months.

This is the only time www.bahaxasdfhb.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BDDK (Banking) Turkish Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:303... 2606:4700:3030::ac43:cb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2

32 2606:4700:3030::ac43:cb59 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bahaxasdfhb.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	bahaxasdfhb.click 1 redirects www.bahaxasdfhb.click	111 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	28 KB
32	2

	Domain	Requested by
32	www.bahaxasdfhb.click	1 redirects www.bahaxasdfhb.click cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	www.bahaxasdfhb.click
32	2

This site contains no links.

Subject Issuer	Validity	Valid
bahaxasdfhb.click GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.bahaxasdfhb.click/
Frame ID: F15943C0EF866B06B8CCED9379591E66
Requests: 30 HTTP requests in this frame

Frame: https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 20059FED7E9B3DAC6B6056BB92BD6889
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bahaxasdfhb.click/ HTTP 307
https://www.bahaxasdfhb.click/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

138 kB
Transfer

501 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bahaxasdfhb.click/ HTTP 307
https://www.bahaxasdfhb.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.bahaxasdfhb.click/
Redirect Chain

http://www.bahaxasdfhb.click/
https://www.bahaxasdfhb.click/

14 KB
5 KB

255ms
221ms

Document
text/html

2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30 PleskLin
Resource Hash: 65e83404709229c1528056fc2a7426835c24c60b638d37caa731393f7f7ef99c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8846f814ca89a020-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 23:39:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C962x3DM7Pq%2BvdBbZNTKO8ZxAlF%2FJ9qlMgD8%2FBYkythPhN8t7im6eLc2zTmLmoaBwxEY7v9rJQGkujNBcnGu207rxR3CrZPye%2BqIHrjQcKykf5%2Bk1EBn7Ufwi4f8TX8X4X7ln7Ytj0yUI996bHwbFY1EVI4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.30 PleskLin

Redirect headers

Location: https://www.bahaxasdfhb.click/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 base.css
www.bahaxasdfhb.click/assets/css/ 125 KB
21 KB 35ms
23ms Stylesheet
text/css 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/css/base.css
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 73f7279807a6872a399e9f1b335ddf2a847f29784d4f769adfe18e0f96c0f232

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-1f4c0"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0V8XE%2F%2F9wjMRVUkvJkRE8FYz3zucO58tV%2BG%2FtgV0bG6ic3IfEs1%2FcLRixaeSxzWoXF%2B%2BYpDyvp5Hb6hekX26%2Fe7jLM0QufXXX33umukf2kpsn15iVtZLiI2mggKQy%2FgWOIEAEdKx5SckSlcvKw4wOsxJ8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8846f8166bb0a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 header.js Show response
www.bahaxasdfhb.click/assets/js/ 10 KB
5 KB 22ms
17ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/header.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5e002677cbc74b8ece199259c3000ad851348079c777165d04d76e7a28e0ca48

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-2706"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6ZoEiPPa%2Fp%2FMS4BoClUHv1bbFmGkWZBZVXdkgDIfRlLUxlzY4BQiVPSGrWr2LM1prEnPX%2FCZb9rCDnQ9GiUL6pom0xMdnA7kSv5CMKUkHSnDE9edswtnZU99%2F5ytcbwPLJg9%2B0VuFlRcxtkhWRDSsKAiec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f8166bb1a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 giris.css
www.bahaxasdfhb.click/assets/css/ 44 KB
8 KB 21ms
18ms Stylesheet
text/css 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/css/giris.css
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7240d65c7509f145e5147366d7393a1fd182cac4e950b15d2089c62b7e282d41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-b0f9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHlMQ%2FxI%2BYnqQ2gpcn3UVEtelKZW6RHWHk25nohu7reEoly%2FhjrtyRQ3JrhGHnPyouiNE4AxezhnWCT5XHT8klGNNJ8aD7ZO%2FO%2BJ%2FZOHVhWsJUT2i2cB0aezB40DhhZIHUw4HfGxzvCbL3dnB6JtKTVE3fE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8846f8166bb3a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.png
www.bahaxasdfhb.click/assets/img/ 2 KB
2 KB 23ms
22ms Image
image/png 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bahaxasdfhb.click/assets/img/1.png
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 873
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 1855
last-modified: Sun, 07 May 2023 13:46:32 GMT
server: cloudflare
etag: "6457abb8-73f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E64xGFd8JXWgp46770kgBHfpaeN3amvjWWCn1GrQL1WT%2B%2BsVdkLFZiqmd0gFyXHEzYofGcnJMZmLu8RZmO7PBkyF2hs4e2ZUo%2BMYZtm1SKXhFdAObN4Wd3mV5IzZMOeTP7eSdRlbNqNYaXiy%2BtAQXCb7DFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8846f816bbeaa020-FRA

GET
H3 200 form-progress.svg
www.bahaxasdfhb.click/assets/img/ 1 KB
1 KB 19ms
16ms Image
image/svg+xml 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bahaxasdfhb.click/assets/img/form-progress.svg
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-42c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzFJPlIWqOPiKuC8QLynv3YRQEk3FYxIpK5SQk0u5DZNscTe1v0gAJ9i3dbpLggA%2FnxqUqzfbjcoAHXHYLnEFdDY9tVLGaRbuUFdIVZ8%2BRqzzas42JB6MJmSCH8IuFJ3pQlW9uZHRJ%2Fw9he4vqTit2fNmKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8846f8166bb6a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bb-ubak-tsat-black.png
www.bahaxasdfhb.click/assets/img/ 15 KB
15 KB 31ms
29ms Image
image/png 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bahaxasdfhb.click/assets/img/bb-ubak-tsat-black.png
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 873
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 15120
last-modified: Sun, 07 May 2023 13:46:32 GMT
server: cloudflare
etag: "6457abb8-3b10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPFPmQlPPCA82ci%2FuYaPa2BPylGxFYexGrP65H7xcvO9qPyaEJFNAl3UAiE2ivj5N3HljNYnEkrrlwBnG9F8WE4hW8KUkDPm0hGYZiJvVo9R%2BLa2O4zbtppH35zNC%2F8JOD8%2FOvLDIXavDZitRObVNuquVBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8846f8166bb7a020-FRA

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 40ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1139778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPCcwG%2BoWcERr77Utb0bHb3%2Fdh%2Bg2dNRuUtOS1uhwPqm5%2FRwDfIozYVsLo7%2FMIO90PFBbxV%2BUgZk2BCPBIJ22udmzTSLki%2Btm4K3Q%2FSpqbKKsq9i316uMETLO1%2FyxNmzNdAGdzQVf3ZOdUBTYLUb0ESv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8846f816d905367f-FRA
expires: Mon, 05 May 2025 23:39:45 GMT

GET
H3 200 jquery.maskedinput.js Show response
www.bahaxasdfhb.click/assets/js/ 10 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/jquery.maskedinput.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-2902"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qX5eGSca9CfW%2BEr4cud%2FQWj77svRDYSx2hUNLxyJzCQCjvTLfv8iYf1RWGNNlyTFjm31JgCTG8sGyhfPTjYBD8WtJWvO6MIJXUf%2Fkh6I0xYVpH443X1dUsuBfUgOfZQtYQGlDD3J7CdFn2rBsbqJjeKvbvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f816abe2a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 inputmask.js Show response
www.bahaxasdfhb.click/assets/js/ 121 KB
25 KB 20ms
18ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/inputmask.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7a5dde98fa0c5faf365959c6911d93697e0ae90dc156db3f25afc3cbb4ddc1a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-1e20d"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNZOnDm7mIkSbxywB01HJ3ldjUrVcfvkjuj6qiOd9%2BTDnGwtw40B10ohBvkxC0Tnu3TF16Qa%2FVR5sYD6t8H%2BviWgOzoGMHZ28Qu2RWZLQLxnMII9W%2FHQsjmWDz7Yra2pmSAsf3zSF1mL440aPM970XMT2oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f816bbe5a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 inputmask.extensions.js Show response
www.bahaxasdfhb.click/assets/js/ 3 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/inputmask.extensions.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b6451989470c4a49372ab0702abb602da99dbe7bb0707993bd3f01d703a80212

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-d73"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JYe9YrBCDHsgZhtdB5k0eHEPmazpslAnXrwDmEdjm1Y4Pfj15VIKLt9xLzmBkX3gvt8dsFzh%2F1JzmjVc6swjki9KuO4l3wRKoZ6CR8VxBMwCjLQtWxvk3VtE5O1b3sJO4IABzJ0Q0sTtVDjwSXcEB2YLY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f816bbe6a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 inputmask.numeric.extensions.js Show response
www.bahaxasdfhb.click/assets/js/ 24 KB
5 KB 17ms
15ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/inputmask.numeric.extensions.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 97bc947f6b6ffd0042a86a82ccee14a89920194d87c185eccd3208f70574067e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-614f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRNdKZ9DuwN%2FCtxGR%2B816tVeuiFLiZe4HIUhZN5CUCWYip1yjbnKqVRY7n7f5KqUDDhmIu%2B3sAJa7A6BgW1k37HsU0mHrQiG7%2FMf3Xu8q%2Bnx%2F604laGO3oRXk%2F7658XKAvHsV0gWiOx2Yuih0BrAM0ZTGWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f816bbe7a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 inputmask.date.extensions.js Show response
www.bahaxasdfhb.click/assets/js/ 24 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/inputmask.date.extensions.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 45e1abbe19c2f001c291c150e9fc5c70798203b4733e1841217524ba4720e8bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-5f66"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWEaAH7FfVcCd375V0l6T4ZJpDX9vB6TqeqmcN%2FdgP0pQFZqZCWb%2FGhYB2%2BT2rVL%2FJ8cjkmDknE4GeT%2FdfzGHFDaOf%2Fp%2Fm4YZQGDr95kEwnKzRxcvXu7y0AoMaUuwYhB%2B%2FyO00nCJWB%2FD6Ubk4Llh9aERdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f816bbe8a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.inputmask.js Show response
www.bahaxasdfhb.click/assets/js/ 3 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/assets/js/jquery.inputmask.js
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0566e20d61e2e798bda5067585595950ad6e49c1d6103a1583c9b5546f8db8d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873
etag: W/"6457abb8-a3d"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AymYMJAVEwhwq%2BtQG7w9Fj2eO5jINn5ZNDLbVWhT7gqaVyMWj4oqnlU5hv7sxhSCGyDD4qYG6Q7oN5ytDDEgLdU10RJbbRJLcH8yVaW51%2Bw4St5GO4vr9jw0Z20vBzG4LrGkuBY%2BlstwWYm7%2BsP0OrhCXmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8846f816bbe9a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-regular-webfont.1.woff
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 151ms
149ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-regular-webfont.1.woff
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R83MI4D%2Bxb%2BqjLBDxOUixbf9A7qyTV%2FDcHmOW7dExcgHnBqfRVhHwUyeDUAIBjgDtbs4SkLGzjf2ChUcTcGgc09nahj6%2FgAIyQ%2BdBZRoUwqgn5xmpA%2BulWAB3yCOZd2r9h6mEF%2BEQGu3Sy5%2By6JmO5mbXdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f816dbfea020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 edkkds.svg
www.bahaxasdfhb.click/assets/img/ 9 KB
4 KB 150ms
150ms Image
image/svg+xml 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bahaxasdfhb.click/assets/img/edkkds.svg
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 06502153e0e50d4126373b6fa182d91a6d78ba1dd919dac8b5a2e53e391eb091

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 07 May 2023 13:46:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6457abb8-2272"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETDEWnAL%2FY%2Bfpdy0AnMtYl8juo0VakHtFsKr17MzcYUzY7TWdM8ZAew1nv%2FxUVCoIJBfkjaNNY6mymIHMhoLABFZWxpkvCAt9nky1PPwBEjZQ06c%2B51PRnnlTfch8AeLIc1PgGA9YFfMJdgn76SpZX2TBh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8846f816dbffa020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 button-right.1.svg
www.bahaxasdfhb.click/themes/izmir/images/ 808 B
808 B 169ms
168ms Image
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bahaxasdfhb.click/themes/izmir/images/button-right.1.svg
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/giris.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/giris.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JndKArxhp%2B%2B5dh3ipmpadiBr8WispoKuOZ0zp%2Bvy6owlMA3R%2B%2BBWIHaoHftafQpw03xZsAfNaZtEq8h8oVvzfaNVMs%2FM27gDZ4isY3Wn7hVMVmIxAs7%2Bg28U0gYrshpMnWeID3FwK8uPbUQNhL4Pd3368MQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f816dc01a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 arrow-left.1.svg
www.bahaxasdfhb.click/themes/izmir/images/ 808 B
808 B 162ms
161ms Image
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bahaxasdfhb.click/themes/izmir/images/arrow-left.1.svg
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/giris.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/giris.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bQutfpsyW8gNd%2BO2l098YdTnP3DRuhz5JCt7gbfeX5PCOY82xG1KlZ1gDWTyi1zYQlPHZ27LzukU6MiAz%2BnsOvlhnqmpaTCx2Ln0azKQxcltjKZDrmewRqbgSntncuDWr6XbAAlCf5h4Cb1%2FluzrXvaN5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f816dc05a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-bold-webfont.1.woff
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 174ms
174ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-bold-webfont.1.woff
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGHYZZWNjtdHxs%2FKMlT%2BjYsWjU4t0wzjViG3pNwPP6%2BwVpj95dHXU5wTKBtEqrKe2d57iwwjiff%2FoaNu%2BMg5s7dvTB37c2T7ZTrL%2BuIaK18w4jlyn7mYLgz3fdTaznrwvnlmnrip4c6ivoFU27nMvr1gPgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f816ec15a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-light-webfont.1.woff
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 167ms
167ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-light-webfont.1.woff
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9biZdfDEg6evOfQg11Cq8W1BBD8uX0rG%2FI4eGH9M%2BaXpAfL9lJvcH%2Fo7F14eWFVdPrmiPjo8mzJTwIvytwCg6NUbDWpSacoZxj0hp1bLrS2TRHOgGXIUubjczXW%2B9AHkSxkFOkG1NYEy93ba6JnYWyajps%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f816ec16a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 2005
Redirect Chain

https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

8 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

Requested by

Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/

Protocol

Server

2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9ddc0366d10d4392690cdc33db72a0823bb7f3ef72b0f107e7fd8c046adb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWQ%2Fp6QIO0Bd%2BN3uzlW0wHEmct7xYgqQAVE4X8QTRkNT9r88%2BGqXz2PyC5%2FwfB1oNEcIPglC0WzDqOpkkexHmnobNp1%2B8Mro1IhUuWbSTz1sWfkfBrc%2FDF7ALYz%2FBUzIl9okrI7rP0QRBUc%2F9ruCbK34J6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8846f8173cdba020-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 15 May 2024 23:39:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W38Wm00OkyQk3SIotPVfEJy3WBamnhtvWEsw9bQANZLWJgdWj695l4DXu8AL%2F%2F7nFwFXOJboWV2JZXEmZ4hS6iNK4C9lHcN7GaAq6l61BizwmiaeiqQ6S7XTzKRlIG1l6F9wtDVn69cTboInNdVlNLRgGsA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
cf-ray: 8846f8171ccda020-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 veri.php Show response
www.bahaxasdfhb.click/ 3 B
538 B 107ms
107ms XHR
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/veri.php?ip=2001:ac8:20:3a00:1011:c1d8:3895:b70
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.bahaxasdfhb.click/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.30, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e6TimJGlYwv4ofaZBI5fTJ%2F53KuqvXTFCYmAZE1SxomIE%2BcWlV%2Bubhcdy8L%2FsdJARn9c8o9WgISj4wLAA5vuntt51AN0AAYMJgElu0RGODBYWXTpKy5CfMCD%2BUyKBpzmdm41s8nhxZ0VLDrkzbduW4olcAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8846f8172cd2a020-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 8846f814ca89a020 Show response
www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2005 0
620 B 24ms
24ms XHR
text/plain 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/h/g/jsd/r/8846f814ca89a020
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YiH7JXgKpvmGUw9%2Bc0eIyjAqt4OHUbSUdgguiMSdW34J%2BxacbZY4gBzwpsm8%2FEIQ%2BXSvngAr3wW9vVUROVU6RANInk%2FhKx%2BWZO3Loqp8Dn2lJ4NiITLtHtmugCvqr%2FJqcH56VMjLVW2tc7bwOmAIt9Bexsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8846f817cd8fa020-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 404 opensans-regular-webfont.1.woff2
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 158ms
157ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-regular-webfont.1.woff2
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WDeCRi%2FdzSfD2yJ%2BG8AX2gkEr6OQ%2FbK89xDw1X4bFXPLH%2BeHL%2BfU8%2F3hnhs2OgXU7HK67ryAZyM9aAUAlOFmqlkZlmH74N85d%2FuxC0gfF8TaQVnweCtgbZ0cucKErUJsNHix2mi9gZMxF%2Fvq1GuM7dt5Yoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f817dd99a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-light-webfont.1.woff2
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 153ms
152ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-light-webfont.1.woff2
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BKmcwGuj3J3x8C3PoIYi3fitcLeaQHej7Sw8T4d50W7w21IvzpfVvSTWB8CF2hXYo7gk5%2FRsw%2BwU0gWiwd%2F6s9ZU7ZqpwlFiWwDAi3qwz%2BJNmy64JeKUJrVffuJhXIlQMreX6suw9hWC25pjaX7wA%2BwfLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f817fdaca020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-bold-webfont.1.woff2
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 153ms
152ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-bold-webfont.1.woff2
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bkUbVB4PCyw65kXTxd1y0HQoUS8qtv0S8470e0ck1MuKwEXVYxiraL73aw8wvoCLw6grDFIBxUVdj6KN2dgy%2FNXKN8c8Dj7mFQzVjIB4JNYPAGDLZdS%2FuPTVcZjtk%2FnuXN29%2BLZhuENZzThPb%2BBsoI600uY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f817fdb0a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-regular-webfont.1.ttf
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 154ms
153ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-regular-webfont.1.ttf
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXldClkyCUVegwZhRiqLGqVxvs9V9nx5nHxl%2Bb78ck42uFTuYFLl0l1x6LNXgA6oTfOKIZ6pLTLZo8F3XZzITN05YsYMHETMd71YhAsYMwQ5TsYyBLnrI7fY2hgxRSoEdKZOLXP0QIIcF5pIKJycDNnL8ww%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f818de34a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-light-webfont.1.ttf
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 158ms
158ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-light-webfont.1.ttf
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzoaO8BhRL7oI7RQnYvm0C5JFsNvH%2F9FYkYOlStPPhN5OCFS13fb47gFB9lZ7DL2eXboGVeoINf7EHKFe1s%2BrKAmohtrjMCi5WZsy6ljyRBUfvp5btg1yKBDK7KAjrGjLfdp9U%2FFXIX7adXl1UWzcsvOV2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f818ee3fa020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 opensans-bold-webfont.1.ttf
www.bahaxasdfhb.click/themes/izmir/fonts/ 0
0 158ms
158ms Font
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-bold-webfont.1.ttf
Requested by: Host: www.bahaxasdfhb.click
URL: https://www.bahaxasdfhb.click/assets/css/base.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/assets/css/base.css
Origin: https://www.bahaxasdfhb.click
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HPOGV5RDUFK2GMNoOyw8%2BbV2pxY%2BT9FrNtQ%2Fu75y%2FM%2Bgtl0WyFZTZs0D%2FGPYPUVTe1K6UoXlf8xlv2CRro0B1sVhHVsWO357Ggo4rMa8DbvYtH1OKtQmmWUHUQNOrJwrVaUvH9zlj0t2JyXJKasTLvhA0Vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f818fe43a020-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon.ico
www.bahaxasdfhb.click/ 808 B
872 B 152ms
152ms Other
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahaxasdfhb.click/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 23:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 23 Mar 2024 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WwRcOQahgUQ2%2FGP%2Fv52T2BBD8e9Uzw9x%2F5F0NLOo07KOW3Pa1UuYkNeDCm10FZXtl3hH81qmi3OGX6BJnEbu4VQhNpKNHH9CKw1SmmCXGvaMGJRTm6D%2FxembXvvWS1LJJkZtyDvnguAZOGA%2F6DJ2gmC%2BRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8846f81a1f1ba020-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 veri.php Show response
www.bahaxasdfhb.click/ 3 B
545 B 90ms
89ms XHR
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/veri.php?ip=2001:ac8:20:3a00:1011:c1d8:3895:b70
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.bahaxasdfhb.click/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:39:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.30, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhwRAfmHSo2a4eUMnvfOWSM%2B6RfayHOl8FYjgy9jVCoqk5M%2FzWeDS0po2%2FGJLyj%2BC0FTeT5i8%2BCaEKdexA%2B5UVCHmhGGclrn%2B%2FXJHNEr4fmue2YY3BK%2B%2F4w2A0jTtuYWutdjUTSTabGxcPI33qC751TkMjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8846f826cf76a020-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 veri.php Show response
www.bahaxasdfhb.click/ 3 B
539 B 81ms
81ms XHR
text/html 2606:4700:3030::ac43:cb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bahaxasdfhb.click/veri.php?ip=2001:ac8:20:3a00:1011:c1d8:3895:b70
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.bahaxasdfhb.click/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 23:39:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.30, PleskLin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cK3NwQ8uel4IhX0HamUadLsdWCVEE4mvbu0jKgGHYyBaTU6%2Frj3FAeYZ%2F%2FERDRPFChg4wAsm20GkoVLNDJu65%2BOVSRj2PaNqOpmTdDa7cMpIE1ccdS1ck%2BwHS%2BsMPwsIh5mQIQSaCtUEI2vXRWQFcqSCgyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8846f8366d34a020-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDDK (Banking) Turkish Government (Government)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.bahaxasdfhb.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: g4m1ktc7fe98vgc85gorvclaii
			.bahaxasdfhb.click/	1970-01-21 05:22:32	Name: cf_clearance Value: BECg1dJZ3NLxW8P1d16cYWDVEUec7qcKbBpbjbGwzDg-1715816385-1.0.1.1-HEfuiQqIzE3eUQ7EmFY.zeL4Yf4AcOMmMtP5rX3WiH86I3nrxg7VMfr5sumnx7o9_rTFXMs046sDffgA3dCnUw

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-regular-webfont.1.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/images/arrow-left.1.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/images/button-right.1.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-light-webfont.1.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-bold-webfont.1.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-regular-webfont.1.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-light-webfont.1.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-bold-webfont.1.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-regular-webfont.1.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-light-webfont.1.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/themes/izmir/fonts/opensans-bold-webfont.1.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.bahaxasdfhb.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
www.bahaxasdfhb.click
2606:4700:3030::ac43:cb59
2606:4700::6811:180e
0566e20d61e2e798bda5067585595950ad6e49c1d6103a1583c9b5546f8db8d8
06502153e0e50d4126373b6fa182d91a6d78ba1dd919dac8b5a2e53e391eb091
45e1abbe19c2f001c291c150e9fc5c70798203b4733e1841217524ba4720e8bf
5e002677cbc74b8ece199259c3000ad851348079c777165d04d76e7a28e0ca48
65e83404709229c1528056fc2a7426835c24c60b638d37caa731393f7f7ef99c
7240d65c7509f145e5147366d7393a1fd182cac4e950b15d2089c62b7e282d41
73f7279807a6872a399e9f1b335ddf2a847f29784d4f769adfe18e0f96c0f232
7a5dde98fa0c5faf365959c6911d93697e0ae90dc156db3f25afc3cbb4ddc1a9
97bc947f6b6ffd0042a86a82ccee14a89920194d87c185eccd3208f70574067e
a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18
b6451989470c4a49372ab0702abb602da99dbe7bb0707993bd3f01d703a80212
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bc9ddc0366d10d4392690cdc33db72a0823bb7f3ef72b0f107e7fd8c046adb34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

www.bahaxasdfhb.click Open in urlscan Pro 2606:4700:3030::ac43:cb59 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

138 kBTransfer

501 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bahaxasdfhb.click Open in urlscan Pro
2606:4700:3030::ac43:cb59 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

138 kB
Transfer

501 kB
Size

2
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!