URL: https://23809490890664555.cloud/home
Submission: On May 28 via api from TR — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 32 HTTP transactions. The main IP is 94.156.69.111, located in Bulgaria and belongs to LIMENET, US. The main domain is 23809490890664555.cloud.
TLS certificate: Issued by R3 on May 27th 2024. Valid for: 3 months.
This is the only time 23809490890664555.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 94.156.69.111 394711 (LIMENET)
21 193.108.213.15 20967 (HALKBANK-AS)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
32 5
Apex Domain | Subdomains | Transfer
21 halkbank.com.tr | sube.halkbank.com.tr — Cisco Umbrella Rank: 997311 | 2 MB
9 23809490890664555.cloud | 23809490890664555.cloud | 943 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 776 | 30 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 | 28 KB
32 4
Domain Requested by
21 sube.halkbank.com.tr 23809490890664555.cloud
sube.halkbank.com.tr
9 23809490890664555.cloud 23809490890664555.cloud
code.jquery.com
1 code.jquery.com 23809490890664555.cloud
1 cdnjs.cloudflare.com 23809490890664555.cloud
32 4

This site contains no links.

Subject | Issuer | Validity | Valid
23809490890664555.cloud | R3 | 2024-05-27 - 2024-08-25 | 3 months
sube.halkbank.com.tr | DigiCert EV RSA CA G2 | 2023-10-11 - 2024-10-10 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year

This page contains 1 frame:

Primary Page: https://23809490890664555.cloud/home
Frame ID: C02393C156A3F6267F59FE0FAAAC9B72
Requests: 40 HTTP requests in this frame

Page Title

Halkbank İnternet Şubesi

Detected technologies

Overall confidence: 100%
Detected patterns
  • highcharts.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <(?:div|html)[^>]+ng-app=
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32 Requests
100 % HTTPS
25 % IPv6
4 Domains
4 Subdomains
5 IPs
4 Countries
3328 kB Transfer
7633 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Primary Request home
23809490890664555.cloud/
74 KB
17 KB
Document
General
Full URL
https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PHP/8.3.7 PleskLin
Resource Hash
e4ef0cde9bde5e6f2ff82f215498424e534778ab9f477a7bcf8ffe469c2cfa37

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Alt-Svc
h3=":443"; ma=86400
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
16625
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 May 2024 09:37:45 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PHP/8.3.7 PleskLin
bootstrap.min.css
23809490890664555.cloud/assets/css/
172 KB
24 KB
Stylesheet
General
Full URL
https://23809490890664555.cloud/assets/css/bootstrap.min.css?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b587bf49f7c1087dc3c5a907f9702f90c5a59015e78c9db1c7c41eccc36b5dfd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:45 GMT
Content-Encoding
br
Last-Modified
Tue, 12 Mar 2024 20:00:06 GMT
Server
nginx
ETag
W/"65f0b446-2b0cb"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
production.min.css
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/
210 KB
44 KB
Stylesheet
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/production.min.css?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
7163dd1bbf810606e4aadbf9b921ed07d1d21790fe027d620c6ba54aa17f141c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cteonnt-Length
215250
Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:17 GMT
ETag
"4c5f41cf16b0da1:0"
X-OPNET-Transaction-Trace
74014c8f-dcaa-435e-8f68-7508bde9355a-14576-829691
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
production-plugins.min.css
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/
138 KB
30 KB
Stylesheet
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/production-plugins.min.css?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
aa927bb0806b182d355c9923570e63aa7520a4680c781ba57de94cb6a3d6c15c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cteonnt-Length
141809
Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:14 GMT
ETag
"433794cd16b0da1:0"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
skins.min.css
23809490890664555.cloud/assets/css/
2 MB
825 KB
Stylesheet
General
Full URL
https://23809490890664555.cloud/assets/css/skins.min.css
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3f1882c047d47ef1e0365cee539d38228d2020ff187cfe6168249c8012017e90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:37:45 GMT
content-encoding
br
last-modified
Tue, 12 Mar 2024 19:56:08 GMT
server
nginx
etag
W/"65f0b358-19dd56"
x-powered-by
PleskLin
content-type
text/css
alt-svc
h3=":443"; ma=86400
veribranch-all.css
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/veribranch-all.css?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
e508fd78ced65cdc73d8f5c5b8ca8e2f67e940c59f65906823f020ede1b34c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cteonnt-Length
8572
Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:10 GMT
ETag
"3f8c23cb16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
2525
receipt.css
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/receipt.css?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
cc8c5b8fdc333b4e97cd8d17ff9ea1a5feaa973973f0101be4dbf7d0d70dfc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cteonnt-Length
2563
Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:12 GMT
ETag
"581f19cc16b0da1:0"
X-OPNET-Transaction-Trace
74014c8f-dcaa-435e-8f68-7508bde9355a-14576-829690
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
854
plugins-all.css
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/css/
70 KB
10 KB
Stylesheet
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/css/plugins-all.css?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
c6a9da998ff4b8b121020abd635868f6430d83167f1b7cb5899185f5022ec4a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cteonnt-Length
71296
Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:16 GMT
ETag
"b89dfece16b0da1:0"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
BotDetectCaptcha.ashx
sube.halkbank.com.tr/InternetBankingHost/Maintenance/
3 KB
1 KB
Stylesheet
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Maintenance/BotDetectCaptcha.ashx?get=layoutStyleSheet
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
1eefa36c2856facdd08f88071436eac73eb61b0528220b2025e5d2411ea6d196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Cteonnt-Length
3260
Date
Tue, 28 May 2024 09:37:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
private
Accept-Ranges
none
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet
Content-Length
752
Expires
Tue, 28 May 2024 10:37:19 GMT
jquery-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
303 KB
304 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/jquery-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
969ead338d6a3310da5afe639b5c60f932298a7da868e40e85787b65236aaf81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:20 GMT
ETag
"fec865d116b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
310773
angular-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
353 KB
353 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/angular-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
e2ba80908bf7d79092e0790490f4bccc3671689dfe92329a809fbbb11e309aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:24 GMT
ETag
"e5e1add316b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
361150
plugins-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
664 KB
202 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/plugins-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
f527091af1a53871ca33be17ca736d4cfab7240e8fc71d00d4b7af177f02b76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:26 GMT
ETag
"0dd64d416b0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
206677
highcharts-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
199 KB
199 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/highcharts-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
312d1e4c9b8405b4372fe1e5c56680e4587b88d6602623bc67714f4843cee059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:17 GMT
ETag
"53a1bcf16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
203618
dataTables-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
140 KB
140 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/dataTables-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
a40da2901dc0b7580226020e446165335107d8552a3960cb89358263cbbd8f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:17 GMT
ETag
"4c5f41cf16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
143341
pdf.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
823 KB
149 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/pdf.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
4cc6dd931c2c60b53b4a1b804fb0e94f003c6ab2ef855dc9bdfc6d599d506098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:21 GMT
ETag
"80ec69d116b0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
152031
jsencrypt-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
54 KB
54 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/jsencrypt-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
bbdcdd9a3c65dbe7db35ad570184fe7f9985d652be204e0565aae0d2c9f33981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:12 GMT
ETag
"581f19cc16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
54878
paperlessBanking.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
3 KB
3 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/paperlessBanking.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
7b156cb948532b98442a1f98eacf9cde90ebf4e3509bdb6468b020c93a00f5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:11 GMT
ETag
"926079cb16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
2874
vb-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
276 KB
277 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/vb-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
07b0c2a4cdb0158b8e6a08410f9f181a462844cc33f2d17029ddc4affd1a8d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:20 GMT
ETag
"fec865d116b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
283127
veribranch.directives.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/VeriBranch.Web/Modules/
2 MB
301 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/VeriBranch.Web/Modules/veribranch.directives.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
9da86c158bab5de089f87b53b9ed0e10de862b2701ec09c58fcf8a421c57099b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:09 GMT
ETag
"80de42ca16b0da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
307772
login-app-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
28 KB
29 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/login-app-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
62ae539013ce5e49f641a48019fe89552fb4a0c9a144c7a9cc2c49710120bf34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:12 GMT
ETag
"c2b954cc16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
28903
sa-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/js/
207 KB
208 KB
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/js/sa-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
74d86a24faa5df56b3b9de97b5c2c267b5f6e2315cec61f8bd29cd101bcb50ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:20 GMT
ETag
"fec865d116b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
212333
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://23809490890664555.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2212458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8m6nbGZ7MXG0QlfHHBBM1SO0JJti7V4oFBM0qmBNm51Icnzk8BdE3CrCht1fv8SLmiaTv16TlwImbUXul2ERXfH3iO5fUW1xTCiE56v96I%2BRIV4Kk2QHydSokcWWJEGCoH50PWF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88ad44923b2239c7-FRA
expires
Sun, 18 May 2025 09:37:45 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:37:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2745237
x-cache
HIT, HIT
content-length
30879
x-served-by
cache-lga21981-LGA, cache-fra-eddf8230120-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1716889065.317935,VS0,VE0
etag
W/"28feccc0-15d84"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
9, 787240
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f753839283d4a8841cbd7707282dcfc9e2a65d116316955a3d6751a5fb30594

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa38abaaeab332d2bc134bbc7103cfa06611249c6164c530938bed7f13c25b8c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa895aad80366bcd0abb6c52554f13e33cf99a494bb6a539c52aeb2b03a53dd2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
blank.gif
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/img/
1 KB
1 KB
Image
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/img/blank.gif
Requested by
Host: sube.halkbank.com.tr
URL: https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/production.min.css?v=1709568091539
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
50fd99c7ba443da1d3f8455af419e9a623c7a87013c82580129c7461a9804f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/css/production.min.css?v=1709568091539
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:26 GMT
ETag
"f8c0d0d416b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
1095
truncated
/
156 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
919b3693b2c106c684bf530443ee2af0360f7f51d96d7fc556be5cd03942d6bc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dce1529451ca28870b87a2f034cd462558d3830f99e8ac3c22a3a3445191a4d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9313b826be1e50da9e240b43b515c91214bc72d506b20d1dddbeeca6ebdd1bee

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
150515bdd6a0afb734c18307eba842fe07df15ed730aa5ed22d18959947e7e1f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
964636a5b67ebc123f6593ab8cad228a53c4df0b6a3f9d31511a19a90fedfd2f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
fontawesome-webfont.woff2
23809490890664555.cloud/assets/css/fonts/
63 KB
63 KB
Font
General
Full URL
https://23809490890664555.cloud/assets/css/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/assets/css/bootstrap.min.css?v=1709568091539
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/assets/css/bootstrap.min.css?v=1709568091539
Origin
https://23809490890664555.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:37:45 GMT
last-modified
Tue, 12 Mar 2024 19:59:26 GMT
server
nginx
x-powered-by
PleskLin
etag
"65f0b41e-fbd0"
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
64464
Gotham-Bold.woff
23809490890664555.cloud/assets/css/fonts/
11 KB
11 KB
Font
General
Full URL
https://23809490890664555.cloud/assets/css/fonts/Gotham-Bold.woff
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/assets/css/skins.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
929c9acb73530a412324d05d604ddec6eaab1c86a40d8ef59e3003b9e899040b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/assets/css/skins.min.css
Origin
https://23809490890664555.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:37:45 GMT
last-modified
Tue, 12 Mar 2024 19:51:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"65f0b248-2d58"
content-type
font/woff
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
11608
text-security-disc.woff2
23809490890664555.cloud/assets/css/fonts/
2 KB
2 KB
Font
General
Full URL
https://23809490890664555.cloud/assets/css/fonts/text-security-disc.woff2
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/assets/css/skins.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9dd630e7cbf1a068b89a5a134e248ff63f2d452081bf86684aeb4b7f73712b76

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/assets/css/skins.min.css
Origin
https://23809490890664555.cloud
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 09:37:45 GMT
last-modified
Tue, 12 Mar 2024 19:52:50 GMT
server
nginx
x-powered-by
PleskLin
etag
"65f0b292-8e8"
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2280
jsencrypt-all.js
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/
54 KB
0
Script
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/js/jsencrypt-all.js?v=1709568091539
Requested by
Host: 23809490890664555.cloud
URL: https://23809490890664555.cloud/home
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
bbdcdd9a3c65dbe7db35ad570184fe7f9985d652be204e0565aae0d2c9f33981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:12 GMT
ETag
"581f19cc16b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
54878
process
23809490890664555.cloud/
0
201 B
XHR
General
Full URL
https://23809490890664555.cloud/process
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PHP/8.3.7, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://23809490890664555.cloud/home
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 28 May 2024 09:37:51 GMT
server
nginx
x-powered-by
PHP/8.3.7, PleskLin
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
2favicon.ico
sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/img/favicon/
15 KB
15 KB
Other
General
Full URL
https://sube.halkbank.com.tr/InternetBankingHost/Features/wwwroot/statics/sa/img/favicon/2favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.108.213.15 , Turkey, ASN20967 (HALKBANK-AS, TR),
Reverse DNS
sube.halkbank.com.tr
Software
/
Resource Hash
07ef86b9d163ba3c32574bb814e494ada45223d2a0b25c13ad67e7b656b0cf81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://23809490890664555.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 09:37:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 27 May 2024 09:18:27 GMT
ETag
"715246d516b0da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
max-age=604800
Accept-Ranges
bytes,none
Content-Length
15086
process
23809490890664555.cloud/
0
202 B
XHR
General
Full URL
https://23809490890664555.cloud/process
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PHP/8.3.7, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://23809490890664555.cloud/home
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 28 May 2024 09:37:53 GMT
server
nginx
x-powered-by
PHP/8.3.7, PleskLin
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
process
23809490890664555.cloud/
0
202 B
XHR
General
Full URL
https://23809490890664555.cloud/process
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
94.156.69.111 , Bulgaria, ASN394711 (LIMENET, US),
Reverse DNS
Software
nginx / PHP/8.3.7, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://23809490890664555.cloud/home
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 28 May 2024 09:37:55 GMT
server
nginx
x-powered-by
PHP/8.3.7, PleskLin
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| featureVersions function| fraudNetInitiateEvent function| fraudNetValidateEvent function| onlyNumberKey object| input string| placeHolderText string| placeHolderAtt function| $ function| jQuery object| angular function| Swiper function| msieversion function| removeBtn function| initializeSearchButton function| resizeQuestion function| resize function| tabPos function| tabLiSar function| detailButtons function| eventActiveClass function| calendarFirstClick function| activateCell function| IconEdit function| resizeDragCol function| BlockBackspace function| clickIE function| clickNS function| TokenTypeChanged function| RedirectToSMS function| RedirectToSecurityLevelUpdateQuestions function| PostQuestionForm function| CheckJquery boolean| mobil undefined| ie number| mobilG undefined| cc_question_sections undefined| question_steps string| pageTitle object| BG object| header object| HtmlPanel object| item undefined| back_to_top function| _ function| JSZip function| moment function| Sortable function| $script object| Mustache function| Dropzone function| Tour object| rangy string| textAngular object| amplify object| Highcharts object| HighchartsAdapter function| TableTools function| ResponsiveDatatablesHelper object| ZeroClipboard_TableTools boolean| _pdfjsCompatibilityChecked object| regeneratorRuntime object| pdfjsLib object| pdfjs-dist/build/pdf function| JSEncrypt function| renderPage function| renderPages function| openAgreement object| agreementLoadingStatus boolean| agreementButtonActive object| options object| VeriBranch function| __extends object| veribranch function| VB object| System object| app function| __decorate object| root boolean| debugState string| debugStyle string| debugStyle_green string| debugStyle_red string| debugStyle_warning string| debugStyle_success string| debugStyle_error number| throttle_delay number| menu_speed boolean| menu_accordion boolean| enableJarvisWidgets boolean| localStorageJarvisWidgets boolean| sortableJarvisWidgets 
boolean| enableMobileWidgets boolean| fastClick object| boxList object| showList object| nameList object| idList object| chatbox_config object| ignore_key_elms boolean| voice_command boolean| voice_command_auto string| voice_command_lang boolean| voice_localStorage object| commands function| FastClick function| runAllForms function| runAllCharts function| setup_widgets_desktop function| setup_widgets_mobile function| loadScript function| checkURL function| loadURL function| drawBreadCrumb function| pageSetUp function| getParam function| calc_navbar_height function| navbar_height object| shortcut_dropdown object| bread_crumb boolean| topmenu string| thisDevice boolean| ismobile object| jsArray object| initApp boolean| gMapsLoaded function| gMapsCallback function| loadGoogleMaps function| send

1 Cookies

Domain/Path Name / Value
23809490890664555.cloud/ Name: PHPSESSID
Value: ddot7bcf9j7lgp2ebif95ileq5

4 Console Messages

Source Level URL
Text
recommendation warning URL: https://23809490890664555.cloud/home
Message:
[DOM] Found 2 elements with non-unique id #Username: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://23809490890664555.cloud/home
Message:
[DOM] Found 2 elements with non-unique id #password: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://23809490890664555.cloud/home
Message:
[DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://23809490890664555.cloud/home
Message:
[DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
