ziraatbank.impretextos.com Open in urlscan Pro
54.39.133.88  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ziraatbank.impretextos.com/	45 KB 12 KB	68ms 19ms	Document text/html	54.39.133.88 OVH
General Check archive.org Show headers Download Go to Full URL https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.39.133.88 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS host5.latinoamericahosting.com Software LiteSpeed / Resource Hash d8265f2790c25a45f9e7b0e89eaef3a49b1086444a0fc4a03e53acb1d93f726d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 12051 content-type text/html date Wed, 30 Nov 2022 17:26:25 GMT last-modified Fri, 25 Nov 2022 08:34:04 GMT server LiteSpeed vary Accept-Encoding
GET H/1.1	200 OK	plugins.min.css bireysel.ziraatbank.com.tr/Content/assets/bundle/css/	340 KB 83 KB	2066ms 678ms	Stylesheet text/css	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/plugins.min.css?v=3-oWtmXet6oQr6RY8XOz8o83EN5HmnSjRrJa96Klu701 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash dfea16b665deb7aa10afa458f173b3f28f3710de479a74a346b25af7a2a5bbbd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 30 Nov 2022 17:26:27 GMT Last-Modified Fri, 03 Jun 2022 23:20:04 GMT Age 1134 ETag "5341a774a077d81:0" X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 84698
GET H/1.1	200 OK	sub.min.css bireysel.ziraatbank.com.tr/Content/assets/bundle/css/	401 KB 90 KB	2094ms 697ms	Stylesheet text/css	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/sub.min.css?v=UHf3w7Dx65qrplVwGOINo143tkJVE7it7hD_ZMX6wQs1 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash 5077f7c3b0f1eb9aaba6557018e20da35e37b6425513b8adee10ff64c5fac10b Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 30 Nov 2022 17:26:27 GMT Last-Modified Fri, 07 Oct 2022 23:18:26 GMT Age 1134 ETag "e98321aa3dad81:0" X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 91605
GET H/1.1	200 OK	jquery.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/bundle/js/	315 KB 315 KB	2100ms 702ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/jquery.min.js?v=sTnYq8pmR0kDnP8pW0NfkjF7_30wgfwhoplCtCyf7v41 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash b139d8abca664749039cff295b435f92317bff7d3081fc21a29942b42c9feefe Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:27 GMT X-Content-Type-Options nosniff Last-Modified Fri, 06 Aug 2021 23:09:19 GMT Age 1079 ETag "df65d215188bd71:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 322398
GET H/1.1	200 OK	zrtprefs.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/bundle/js/	23 KB 23 KB	2099ms 698ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/zrtprefs.min.js?v=Yay4gxSwaLW2t9HOQWmwDCfxrHP-3sWbXlt7AY4BCeU1 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash 61acb88314b068b5b6b7d1ce4169b00c27f1ac73fedec59b5e5b7b018e0109e5 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:27 GMT X-Content-Type-Options nosniff Last-Modified Fri, 06 Aug 2021 23:06:39 GMT Age 1116 ETag "d5b256b6178bd71:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 23383
GET H2	200	a0a04de24e.js Show response kit.fontawesome.com/	11 KB 4 KB	135ms 87ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/a0a04de24e.js Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4550cd3f103ff76495bbb4f1f8cd3f2a3ee0eb78cfbb3e78514cc78dd3b2722d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://ziraatbank.impretextos.com/ Origin https://ziraatbank.impretextos.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:26 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status REVALIDATED server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 772549bc89517150-YUL access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FyxrMsFC9mLztWuVWOQj
GET H/1.1	200 OK	WebResource.axd Show response bireysel.ziraatbank.com.tr/	23 KB 7 KB	1828ms 425ms	Script application/x-javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/WebResource.axd?d=SqZa8GYeN-voTRZ-GMsb11KKLzsM4GjYxTGAXg23ajVoLdblDojATKR_7aSBdwvGYc1HUN_gkQjb5mtE0&t=637811837229275428 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 30 Nov 2022 17:26:27 GMT Last-Modified Wed, 23 Feb 2022 00:28:42 GMT Age 1122 X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin domain Cache-Control public Connection Keep-Alive Accept-Ranges bytes Content-Length 6190 Expires Thu, 30 Nov 2023 06:36:18 GMT
GET H/1.1	200 OK	WebResource.axd Show response bireysel.ziraatbank.com.tr/	26 KB 8 KB	1834ms 431ms	Script application/x-javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/WebResource.axd?d=agHyoqmM5R2HZK0hGHfDVytXXsb63ddjF_nKao5XovSnHZhjS6or_fp52iypVd59PLxUB0lM_JvLk5XHaiBfD53SBAg1&t=637811837229275428 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Content-Encoding gzip X-Content-Type-Options nosniff Date Wed, 30 Nov 2022 17:26:27 GMT Last-Modified Wed, 23 Feb 2022 00:28:42 GMT Age 1066 X-Frame-Options SAMEORIGIN Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin domain Cache-Control public Connection Keep-Alive Accept-Ranges bytes Content-Length 7340 Expires Thu, 30 Nov 2023 06:08:28 GMT
GET H2	200	phone_002.png ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/	8 KB 8 KB	22ms 20ms	Image image/png	54.39.133.88 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/phone_002.png Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.39.133.88 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS host5.latinoamericahosting.com Software LiteSpeed / Resource Hash ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT last-modified Thu, 10 Nov 2022 14:42:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 8378 expires Wed, 07 Dec 2022 17:26:30 GMT
GET H2	200	phone.png ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/	10 KB 10 KB	22ms 21ms	Image image/png	54.39.133.88 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/phone.png Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.39.133.88 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS host5.latinoamericahosting.com Software LiteSpeed / Resource Hash 75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT last-modified Thu, 10 Nov 2022 14:42:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 9783 expires Wed, 07 Dec 2022 17:26:30 GMT
GET H2	200	comodo-logo.png ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/	6 KB 6 KB	11ms 10ms	Image image/png	54.39.133.88 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/comodo-logo.png Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.39.133.88 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS host5.latinoamericahosting.com Software LiteSpeed / Resource Hash 7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT last-modified Thu, 10 Nov 2022 14:42:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 6295 expires Wed, 07 Dec 2022 17:26:30 GMT
GET H/1.1	200 OK	core.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/bundle/js/	221 KB 222 KB	280ms 279ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/core.min.js?v=8tJU7D4-xsT2k3non0UE2_2pDyccXH0eM3Q6fqveukY1 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash f2d254ec3e3ec6c4f69379e89f4504dbfda90f271c5c7d1e33743a7eabdeba46 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:29 GMT X-Content-Type-Options nosniff Last-Modified Fri, 03 Jun 2022 23:20:04 GMT Age 1134 ETag "5341a774a077d81:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 226435
GET H/1.1	200 OK	dashboard.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/bundle/js/	193 KB 193 KB	140ms 140ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/dashboard.min.js?v=gKbX1EYtQEHZxJECE744bma6Xiv88qu87gpFe9_B0ps1 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash 80a6d7d4462d4041d9c4910213be386e66ba5e2bfcf2abbcee0a457bdfc1d29b Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:30 GMT X-Content-Type-Options nosniff Last-Modified Fri, 06 Aug 2021 23:08:30 GMT Age 1091 ETag "1c67daf8178bd71:0" X-OPNET-Transaction-Trace a2_ab5e750b-2c76-4aba-ac6c-3787347c0aea-1436-1072235 X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 197509
GET H/1.1	200 OK	subpage.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/bundle/js/	365 KB 365 KB	142ms 142ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/subpage.min.js?v=9_N4KeZNTU3IrnNlkVGyybxXUPXFxIKvHk8nH2tzLKE1 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash f7f37829e64d4d4dc8ae73659151b2c9bc5750f5c5c482af1e4f271f6b732ca1 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:30 GMT X-Content-Type-Options nosniff Last-Modified Fri, 06 Aug 2021 23:09:19 GMT Age 1093 ETag "49c8d415188bd71:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 373314
GET H/1.1	200 OK	ui.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/bundle/js/	155 KB 156 KB	273ms 272ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/ui.min.js?v=Dy9TMlPS_StMlZA09zIc2ngjWIshJ7c94qs7pwVNxAI1 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash 0f2f533253d2fd2b4c959034f7321cda7823588b2127b73de2ab3ba7054dc402 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:30 GMT X-Content-Type-Options nosniff Last-Modified Sat, 02 Jul 2022 00:09:22 GMT Age 1131 ETag "84762afba78dd81:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 158997
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	100 KB 23 KB	101ms 48ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=a0a04de24e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/a0a04de24e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT via 1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop JFK50-P8 age 1444 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:08 GMT server cloudflare etag W/"2dbe34367e935e2684b01124b0860d71" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZ%2FikoWxkiknvCznhqdWfAbHWFQT6kjqNRtARewwtzlTmx8FakGoVN%2F73UuPmBJX%2FPDPbh1cQiRr2uYTnYRrhVpUCxDcc3N2a3BLHWSzUgyd%2Fsy7tGPPRYG5qdO5Mvgq6Z27CYTNWWdoI10nNfQJ4ojYCg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 772549d9bd1a1a13-EWR access-control-allow-headers fa-kit-token x-amz-cf-id QfTgC6ispXach2hn-rq-Qff3ojN0Hw0Wcp9JCqEVuUysT6Shts0Auw==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	27 KB 5 KB	93ms 40ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=a0a04de24e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/a0a04de24e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT via 1.1 827e4274db61b1bc4aa840491aa652a0.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop JFK50-P8 age 1444 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:08 GMT server cloudflare etag W/"0d00741459c51dd7330d97cd19326a7b" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rn7JZErtz3hOnQiESfE%2BgpUYVhWqKVa%2FJFsf2Wx1cYuHzM5r1SpAUimZ92FPooP5zjd6gJ6Hw3sUZ44VOgQV2Tgj94SJEaMwsd76IB%2FpP%2Fa4kXS9h4liHKRNUh8ODOH2Svg85bGMefUslUfYeAvGI0qTA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 772549d9bd1e1a13-EWR access-control-allow-headers fa-kit-token x-amz-cf-id HFlXDmmo_RUcTfclysOZpJfx0_HCjgUivNSmbMcS9qAYydgzpqFkag==
GET H2	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	823 B 725 B	104ms 52ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=a0a04de24e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/a0a04de24e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop JFK50-P8 age 1444 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:07 GMT server cloudflare etag W/"15e2713dff942747406520edde3fd0bf" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdAmBPa0XcglC4yLWeymyUYVWLiUtGwHEpAlOIwFMBeT2Zj5ZKNlG1pDWFNGT9O9VC%2BnDojEy9m3s606Y%2FjqAuXYAccpqh8udHjwvsplaMfHoabE%2BMqYTQweI%2FYCmlt%2B%2BhdUREZhwgjNX1H%2BdkTCz0%2BV2A%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 772549d9bd201a13-EWR access-control-allow-headers fa-kit-token x-amz-cf-id XeDwD2h94VRF1jX84TypxcLsviOa3vogeZBFlXwGd6qIB6Yz-MlAZw==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.2.1/css/	2 KB 1 KB	96ms 44ms	Fetch text/css	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=a0a04de24e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/a0a04de24e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT via 1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop JFK50-P8 age 1444 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 14 Nov 2022 15:06:07 GMT server cloudflare etag W/"075b2106ba08d32bc88fff3724503b1e" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHaUVcaVVUF8%2BB3xFR6LyccAYE9e1s8W3j1JuktahYHfvxZhzm2zADgXjwN7F%2Fyv7g7bDu5CWzix0obUJTbrlVjdCkAT%2BD4NTvpjVatGJQe30aoMO2ExAz7poG1wgHnevT5IAOwtLmxUb0U5320jV9XXeg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 772549d9bd221a13-EWR access-control-allow-headers fa-kit-token x-amz-cf-id Xe7wqt8jQJPiG-6l4CHbaPtfwOsNff22BegugIFzU55uDE4Nr4VbhQ==
GET H/1.1	200 OK	login-bg.jpg bireysel.ziraatbank.com.tr/Content/assets/img/	104 KB 105 KB	279ms 279ms	Image image/jpeg	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bireysel.ziraatbank.com.tr/Content/assets/img/login-bg.jpg?v=20181004 Requested by Host: bireysel.ziraatbank.com.tr URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/sub.min.css?v=UHf3w7Dx65qrplVwGOINo143tkJVE7it7hD_ZMX6wQs1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://bireysel.ziraatbank.com.tr/Content/assets/bundle/css/sub.min.css?v=UHf3w7Dx65qrplVwGOINo143tkJVE7it7hD_ZMX6wQs1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:30 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 Feb 2019 12:59:43 GMT Age 1142 ETag "e2e01ed189c7d41:0" X-OPNET-Transaction-Trace a2_ed91f727-72c8-49b9-9cad-755cb576ba7b-5100-800721 X-Frame-Options SAMEORIGIN Content-Type image/jpeg Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 106717
GET		BB78E1BCF28E9E4CC.woff2 bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/	0 0
GET		D40DF048D299CA4DD.woff2 bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/	0 0
GET		CFFA5595DEF2590DC.woff2 bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/	0 0
GET H3	200	free-fa-solid-900.woff2 ka-f.fontawesome.com/releases/v6.2.1/webfonts/	147 KB 148 KB	65ms 36ms	Font font/woff2	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2 Requested by Host: ziraatbank.impretextos.com URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4 Request headers Referer https://ziraatbank.impretextos.com/ Origin https://ziraatbank.impretextos.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:30 GMT via 1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD55-P3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 150500 last-modified Mon, 14 Nov 2022 15:15:23 GMT server cloudflare etag "69a76555beae5c43a59559396c1aeb54" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKLrZtY7UzTd2KWVzKanm539Zlg4OFvyuSfz6AGHd6GYLRDSABiOFZX%2F%2FiZd7d2F6zV2kb%2FiYnAVEqWbZzCQa2xPeMvf43hYV1Wo0k6E2EqEs568m4NqPp0tYc09f5vKPiBtazvpYqs969OBfU2FVjLE7g%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 772549da5ec50632-IAD access-control-allow-headers fa-kit-token x-amz-cf-id fDFctqh0hQOqI2n8sf91G0ZJenjlQyEYve9mBZBU02h2JqMe8iRaJA==
GET		BB78E1BCF28E9E4CC.woff bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/	0 0
GET		D40DF048D299CA4DD.woff bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/	0 0
GET		CFFA5595DEF2590DC.woff bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/	0 0
GET H2	200	resource.png Show response globalsiteanalytics.com/resource/	67 B 657 B	389ms 167ms	XHR image/png	107.154.251.104 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://globalsiteanalytics.com/resource/resource.png Requested by Host: bireysel.ziraatbank.com.tr URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/zrtprefs.min.js?v=Yay4gxSwaLW2t9HOQWmwDCfxrHP-3sWbXlt7AY4BCeU1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.154.251.104 , United States, ASN19551 (INCAPSULA, US), Reverse DNS 107.154.251.104.ip.incapdns.net Software Apache-Coyote/1.1 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:32 GMT last-modified Wed, 30 Nov 2022 17:26:32 GMT server Apache-Coyote/1.1 x-cdn Imperva content-type image/png access-control-allow-origin * x-iinfo 1-13803637-13803640 NNNY CT(57 129 0) RT(1669829191820 109) q(0 0 0 0) r(0 0) U5 cache-control max-age=31536000, private content-length 67 expires Thu, 30 Nov 2023 17:26:32 GMT
POST H2	200	hdim Show response globalsiteanalytics.com/service/	2 KB 2 KB	535ms 314ms	XHR text/plain	107.154.251.104 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://globalsiteanalytics.com/service/hdim Requested by Host: bireysel.ziraatbank.com.tr URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/zrtprefs.min.js?v=Yay4gxSwaLW2t9HOQWmwDCfxrHP-3sWbXlt7AY4BCeU1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.154.251.104 , United States, ASN19551 (INCAPSULA, US), Reverse DNS 107.154.251.104.ip.incapdns.net Software / Resource Hash 4d7097b9f0bfac831ec6eb0be4c0b346d8a44709ebfbb982f8cc1965802f0008 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers access-control-allow-origin * x-iinfo 1-13803637-13803641 NNYN CT(57 68 0) RT(1669829191820 110) q(0 0 1 2) r(2 2) U5 date Wed, 30 Nov 2022 17:26:32 GMT cache-control no-cache, no-transform content-encoding gzip x-cdn Imperva content-type text/plain
GET H/1.1	200 OK	video.min.js Show response bireysel.ziraatbank.com.tr/Content/assets/js/plugins/	204 KB 204 KB	141ms 141ms	Script application/javascript	194.24.224.11 FINTEK-AS
General Check archive.org Show headers Download Go to Full URL https://bireysel.ziraatbank.com.tr/Content/assets/js/plugins/video.min.js Requested by Host: bireysel.ziraatbank.com.tr URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/jquery.min.js?v=sTnYq8pmR0kDnP8pW0NfkjF7_30wgfwhoplCtCyf7v41 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.24.224.11 , Turkey, ASN31471 (FINTEK-AS, TR), Reverse DNS Software / Resource Hash 5464622544b173bc096c77df737277080b6c94bd331b9341a92a1b848bf21d53 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Strict-Transport-Security max-age=16070400; includeSubDomains Date Wed, 30 Nov 2022 17:26:32 GMT X-Content-Type-Options nosniff Last-Modified Fri, 08 Mar 2019 23:27:37 GMT Age 1074 ETag "27ebd846d6d41:0" X-Frame-Options SAMEORIGIN Content-Type application/javascript Access-Control-Allow-Origin domain Cache-Control max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 208953
GET H3	200	phone_002.png ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/	8 KB 8 KB	13ms 12ms	Image image/png	54.39.133.88 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/phone_002.png Requested by Host: bireysel.ziraatbank.com.tr URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/jquery.min.js?v=sTnYq8pmR0kDnP8pW0NfkjF7_30wgfwhoplCtCyf7v41 Protocol H3 Security QUIC, , AES_128_GCM Server 54.39.133.88 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS host5.latinoamericahosting.com Software LiteSpeed / Resource Hash ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077 Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:32 GMT last-modified Thu, 10 Nov 2022 14:42:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 8378 expires Wed, 07 Dec 2022 17:26:32 GMT
GET H3	200	phone.png ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/	10 KB 10 KB	11ms 10ms	Image image/png	54.39.133.88 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://ziraatbank.impretextos.com/Ho%C5%9F%20Geldiniz%20Ziraat%20Bankas%C4%B1%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1_files/phone.png Requested by Host: bireysel.ziraatbank.com.tr URL: https://bireysel.ziraatbank.com.tr/Content/assets/bundle/js/jquery.min.js?v=sTnYq8pmR0kDnP8pW0NfkjF7_30wgfwhoplCtCyf7v41 Protocol H3 Security QUIC, , AES_128_GCM Server 54.39.133.88 Beauharnois, Canada, ASN16276 (OVH, FR), Reverse DNS host5.latinoamericahosting.com Software LiteSpeed / Resource Hash 75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae Request headers accept-language en-CA,en;q=0.9 Referer https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 17:26:32 GMT last-modified Thu, 10 Nov 2022 14:42:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 9783 expires Wed, 07 Dec 2022 17:26:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bireysel.ziraatbank.com.tr

URL

https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2

Domain

bireysel.ziraatbank.com.tr

URL

https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2

Domain

bireysel.ziraatbank.com.tr

URL

https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff2

Domain

bireysel.ziraatbank.com.tr

URL

https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff

Domain

bireysel.ziraatbank.com.tr

URL

https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff

Domain

bireysel.ziraatbank.com.tr

URL

https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

480 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| BigInt string| relativePath function| getInternetExplorerVersion function| ForceEqualHeightOnColumns function| GetWhichCode function| isAlphaNumericForPin function| arrangePagerRow function| FcsToCtrl function| showElement function| hideElement function| imageControl function| onFTimeOutClick function| IsValidDate function| IsValidISODate function| dummyLoading function| dummyHideLoading function| appendSpinnerCircles function| getSpinnerHtml function| GetValidationMsg function| CheckAlphaNumericCurrentPinEntry function| CheckDescription function| GetDropDownData function| FilterDropDown function| clearDropDown function| IsInvalidChar function| CheckGivenText function| GetCharacterCode function| IsValidCharacterCode function| getStepContainerData function| isCheckedBox function| hideClass function| showClass function| hideSelector function| showSelector function| alertMSG function| infoMSG function| removeAlertModalDefaults function| successMSG function| hideAlertMSG function| confirmMSG function| confirmMSGWithCallBack function| showConfirm function| hideConfirm function| isCheckedRadioBox function| changeAmountBoxCurrency function| GetSelectedRadioAttributeValue function| GetSelectedRadio function| TcknCheckDigit function| GetDatePickerDate function| GetDatePickerDateYMD function| GetAmount function| GetCustomAmount function| textBoxValue function| textBoxHaveValue function| keyToUpperCase function| toNonTRCharsWithUpperCase function| removeTurkishChars function| toTRUpperCase function| openLightBoxWithUrl function| isValidPhone function| isValidSMSNumber function| isValidPhoneNumber function| exportContent function| exportContentNoDimension function| openExportPage function| printPage function| printPageNoDimension function| printReceipt function| isValidEmail function| convertToUpperCase function| setHasFormChanges function| checkChanges function| GetGridViewSelectedItem function| GetGridViewSelectedItemAttr function| GetCustomerNoFromAccount function| isAlphanumeric function| isNumber function| isString function| isNum function| isDescription function| getCode function| CheckAlphaNumericNewPinEntry function| hasConsecutiveCharacter function| getAllMatches function| maskPanel function| maskElement function| unmaskPanel function| unmaskElement function| VknCheckDigit function| IsFutureDate function| thisBlur function| isValidIBANValue function| isValidIBAN function| isEmpty function| isWhitespace function| checkCharsFromList function| checkControlDigits function| prepareToCalcControlDigits function| convertToNumber function| mod97 function| IsAlphaNumeric function| IsNumeric function| CheckDynamicRegex function| SetDatePickerDate function| navigateTo function| navigateToPage function| RemoveCheckedBox function| DashedCheckboxClicked function| FilterBoxListGridOrg function| FilterBoxListGrid function| GetFormData function| checkPassword function| ResolveIban function| IsZiraatBankIban function| OzIsValidIban function| customGridViewSelect function| isValidIBANTR function| isMsIE function| onInputFocus function| onInputBlur function| fCountDown function| StartLoggOff function| onYesClicked function| onNoClicked function| resetCounter function| CheckForZiraatInvestmentLoginStatus function| CheckForZiraatInvestmentLoginStatusCallBack function| changeAmountBoxAmount function| changeAmount function| ControlVersion function| GetSwfVer function| DetectFlashVer function| AC_AddExtension function| AC_Generateobj function| AC_FL_RunContent function| AC_GetArgs function| disableFlash function| enableFlash function| javaScriptFlicker function| flashFlicker function| showFlicker function| showFlickerTable function| toggleFlickerVisibility function| getFlickerWidth function| resizeFlicker function| resizeFlickerWH function| loadFlickerCookie function| showFlickerActions function| flickerOpenHelper function| flickerSpeedFaster function| flickerSpeedSlower function| calculateMsFromClockSpeed function| showFlickerBackground function| getFlickerCookieValue function| setFlickerCookieValue function| str_repeat function| sprintf function| luhnCalc function| xorCalc function| getASCIIHexFormatForSecOPTICCharacterSet function| getASCIIHexFormatForZKACharacterSet function| normalizeNonASCIIElements function| containsNonDigits function| getLS function| getLbdex function| getHalfByteDezValue function| getXorDataSecOPTIC function| secOPTICFlicker function| getXorDataV14Stuzza function| stuzzaHHD14Flicker function| getXorDataV14 function| hhd14Flicker function| getXorDataV101 function| hhd101Flicker function| AsyncPost function| FrameOutUrl function| TrySettingScrollPosition function| TryShowIframe function| CheckNewTab function| SetNewTabID object| Browser object| ieBrowser object| touchBrowser boolean| isMobile boolean| isMobileRecourse boolean| is_chrome boolean| is_firefox object| validMessageList object| bindedClickFunctions function| delayThis string| whitespaceall string| whitespace string| letters string| digits function| FilterBoxListGridDbn object| selectedCheckBoxes boolean| fTimeoutShowedOnce object| regexHasRepeatedCharacter object| regexHasLetter object| regexHasDigit object| regexBirthDay object| regexBirthDayYear number| birthDayMinYear string| characterAlphabet object| characterAlphabetValues boolean| isIE boolean| isWin boolean| isOpera number| requiredMajorVersion number| requiredMinorVersion number| requiredRevision boolean| globalFlickerPath undefined| globalFlickerCode undefined| globalClockSpeed boolean| globalHasFlash boolean| globalFlashDisabled object| globalTimerSettings function| $ function| jQuery function| dragula function| _ function| moment function| Cookies function| CloseAlertMsg object| VeriBranch object| zrtadx object| FontAwesomeKitConfig string| sid boolean| is_DefaultSubmit object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit object| dd5fcb6461304a64adbfb0462736cb6f function| WebForm_OnSubmit function| ValidateIdentity function| CheckCustomerNumberTCKN function| RestorePlaceholder function| removeCookies function| setIdentity function| ValidatePage function| loginDummyLoading object| Page_Validators object| ctl00_c_PageValidation boolean| Page_ValidationActive function| ValidatorOnSubmit function| OpenSMSOptionLb function| openIpIspWarning object| ProgressBar function| RateYo function| closeMenu function| openMenu function| RSAKeyPair function| twoDigit function| toWin1254 function| toUtf8 function| encryptedString function| decryptedString function| setMaxDigits function| biFromDecimal function| biCopy function| biFromNumber function| reverseStr function| biToString function| biToDecimal function| digitToHex function| biToHex function| charToHex function| hexToDigit function| biFromHex function| biFromString function| biDump function| biAdd function| biSubtract function| biHighIndex function| biNumBits function| biMultiply function| biMultiplyDigit function| arrayCopy function| biShiftLeft function| biShiftRight function| biMultiplyByRadixPower function| biDivideByRadixPower function| biModuloByRadixPower function| biCompare function| biDivideModulo function| biDivide function| biModulo function| biMultiplyMod function| biPow function| biPowMod function| BarrettMu function| BarrettMu_modulo function| BarrettMu_multiplyMod function| BarrettMu_powMod function| encryptPassword function| EncryptText function| EncryptFormInputs object| $jscomp object| Plugins number| dpl10 object| lr10 object| hexatrigesimalToChar object| hexToChar object| highBitMasks object| lowBitMasks object| unicode object| win1254 object| utf8_lo object| utf8_hi number| biRadixBase number| biRadixBits number| bitsPerDigit number| biRadix number| biHalfRadix number| biRadixSquared number| maxDigitVal number| maxInteger number| maxDigits object| ZERO_ARRAY object| bigZero object| bigOne function| Sly function| Inputmask function| CampaignButtonClick function| redirectToTxn function| CampaignLightBoxClosed function| CampaignLogoutButtonClick boolean| f boolean| mCustomScrollbar function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| lottie object| bodymovin object| hopscotch function| calculateFileSize function| calculateFileSizeByType function| validFileType function| getContentUrl function| InitializePlugins function| setCloseFunction object| MODULES object| ZIRAAT object| fileSizeType object| FileSizeType boolean| arrwEnabled object| $frame undefined| slyPlugin boolean| isSubmitted function| loginSubmit function| ShowLoginLoading function| HideLoginLoading function| SetUserPrefs object| Page_ValidationSummaries object| $filterButton object| $filterIb object| $filterWrap object| $filterSection object| $Back object| $MobileBack object| $PageBack object| $filterText object| $filterSwipeTab object| $resultScreenFilter object| $filterBtnWrap object| $_stepItem object| $_targetBlankItem object| $_eligibleItem object| $_blockItem object| $_tabItem object| $_tabPanel object| $_searchKey object| $scrollBox object| $partialItem object| $el object| $tabItem object| $tabContainer object| $videoBody object| $videos object| $openVideosBtn object| $videoItem object| $playerModal object| $playerModalBody object| $playerModalFooterThumb object| $modalThumbs object| $modalThumbItem object| $banner boolean| modulesInitialized object| $element object| $tableBox object| $tableCheck object| $tableDropdown object| $tableText object| $getButtonData object| $tableModalRenderView object| $tableScroll object| $fixAccount object| $transfercurrencyType object| $transferBranch object| vttjs function| WebVTT function| videojs string| currentTabIndex string| storedTabIndex

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Message: Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2' from origin 'https://ziraatbank.impretextos.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network	error	URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Message: Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2' from origin 'https://ziraatbank.impretextos.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network	error	URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Message: Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff2' from origin 'https://ziraatbank.impretextos.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network	error	URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Message: Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff' from origin 'https://ziraatbank.impretextos.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network	error	URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/BB78E1BCF28E9E4CC.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Message: Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff' from origin 'https://ziraatbank.impretextos.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network	error	URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/CFFA5595DEF2590DC.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ziraatbank.impretextos.com/?gclid=EAIaIQobChMI_qDtxabW-wIVp5JmAh2HVQYLEAAYASAAEgJjLvD_BwE Message: Access to font at 'https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff' from origin 'https://ziraatbank.impretextos.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'domain'.
network	error	URL: https://bireysel.ziraatbank.com.tr/Content/assets/css/webfonts/new/D40DF048D299CA4DD.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bireysel.ziraatbank.com.tr
globalsiteanalytics.com
ka-f.fontawesome.com
kit.fontawesome.com
ziraatbank.impretextos.com
bireysel.ziraatbank.com.tr
107.154.251.104
194.24.224.11
2606:4700::6812:1634
2606:4700:e6::ac40:ca1c
54.39.133.88
04994be7db4693bad5bc011cd1aa7a3cdd72c55dd72f478b772de9a795e82210
0f2f533253d2fd2b4c959034f7321cda7823588b2127b73de2ab3ba7054dc402
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4550cd3f103ff76495bbb4f1f8cd3f2a3ee0eb78cfbb3e78514cc78dd3b2722d
4d7097b9f0bfac831ec6eb0be4c0b346d8a44709ebfbb982f8cc1965802f0008
5077f7c3b0f1eb9aaba6557018e20da35e37b6425513b8adee10ff64c5fac10b
5464622544b173bc096c77df737277080b6c94bd331b9341a92a1b848bf21d53
61acb88314b068b5b6b7d1ce4169b00c27f1ac73fedec59b5e5b7b018e0109e5
75e159dc563cef2d81dfc676edd0562791341ffc58e8fb9d377011d4fe0977ae
788283b9392704ad36e4767d8e14790895e3a504214d4553da9b4992fd9f2af2
7bd1ce5e91f7fa685fe3ec37c7f79c27a49f3ae067afce596fa46bb5b2d90d89
80a6d7d4462d4041d9c4910213be386e66ba5e2bfcf2abbcee0a457bdfc1d29b
b055c452bbb3790a25caef40ba7e75a53f148ad46260c00719b5bd7b6ee90d82
b139d8abca664749039cff295b435f92317bff7d3081fc21a29942b42c9feefe
b856bad6a7ffe16d3ba0ea0d6c6fe0526385ebd11e589a2efbcbf97386e9ea40
d8265f2790c25a45f9e7b0e89eaef3a49b1086444a0fc4a03e53acb1d93f726d
dfea16b665deb7aa10afa458f173b3f28f3710de479a74a346b25af7a2a5bbbd
e7a9f485d6f2e1dabd73d8b9ebba2930177e6d77565963ed32707837ed9bba33
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecd0bd452254e541bd3e0f90384daf729c71bac57dcd6506ce531b82e91a6077
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f2d254ec3e3ec6c4f69379e89f4504dbfda90f271c5c7d1e33743a7eabdeba46
f7f37829e64d4d4dc8ae73659151b2c9bc5750f5c5c482af1e4f271f6b732ca1