Submitted URL: http://yardim-exxen.ortusdesk.com/
Effective URL: https://yardim-exxen.ortusdesk.com/
Submission: On February 15 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 39 HTTP transactions. The main IP is 2606:4700:20::681a:a70, located in United States and belongs to CLOUDFLARENET, US. The main domain is yardim-exxen.ortusdesk.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2023. Valid for: a year.
This is the only time yardim-exxen.ortusdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count, Apex Domain, Transfer (Subdomains listed beneath each apex domain):

  • 16 ortusdesk.com, 375 KB
      yardim-exxen.ortusdesk.com
      exxen.ortusdesk.com
  • 7 gstatic.com, 99 KB
      fonts.gstatic.com
  • 6 google-analytics.com, 21 KB
      region1.google-analytics.com — Cisco Umbrella Rank: 2000
      www.google-analytics.com — Cisco Umbrella Rank: 45
  • 6 googletagmanager.com, 457 KB
      www.googletagmanager.com — Cisco Umbrella Rank: 52
  • 2 digitaloceanspaces.com, 77 KB
      ortus-cdn.nyc3.cdn.digitaloceanspaces.com
      ortus-cdn.nyc3.digitaloceanspaces.com
  • 2 googleapis.com, 32 KB
      fonts.googleapis.com — Cisco Umbrella Rank: 48
      ajax.googleapis.com — Cisco Umbrella Rank: 434
  • 1 jquery.com, 30 KB
      code.jquery.com — Cisco Umbrella Rank: 940
  • 1 jsdelivr.net, 66 KB
      cdn.jsdelivr.net — Cisco Umbrella Rank: 353

Total: 39 HTTP transactions, 8 domains

Count, Domain, Requested by:

  • 15 yardim-exxen.ortusdesk.com (2 redirects), requested by: yardim-exxen.ortusdesk.com, code.jquery.com
  • 7 fonts.gstatic.com, requested by: fonts.googleapis.com
  • 6 www.googletagmanager.com, requested by: yardim-exxen.ortusdesk.com, www.googletagmanager.com
  • 3 www.google-analytics.com, requested by: www.googletagmanager.com, www.google-analytics.com
  • 3 region1.google-analytics.com, requested by: www.googletagmanager.com
  • 1 exxen.ortusdesk.com, requested by: yardim-exxen.ortusdesk.com
  • 1 ortus-cdn.nyc3.digitaloceanspaces.com, requested by: ortus-cdn.nyc3.cdn.digitaloceanspaces.com
  • 1 ortus-cdn.nyc3.cdn.digitaloceanspaces.com, requested by: yardim-exxen.ortusdesk.com
  • 1 code.jquery.com, requested by: yardim-exxen.ortusdesk.com
  • 1 ajax.googleapis.com, requested by: yardim-exxen.ortusdesk.com
  • 1 cdn.jsdelivr.net, requested by: yardim-exxen.ortusdesk.com
  • 1 fonts.googleapis.com, requested by: yardim-exxen.ortusdesk.com

Total: 39 HTTP transactions, 12 subdomains

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
exxen.com

Subject, Issuer, Validity, Valid:

  • sni.cloudflaressl.com
      Issuer: Cloudflare Inc ECC CA-3
      Validity: 2023-04-10 - 2024-04-09
      Valid: a year
  • upload.video.google.com
      Issuer: GTS CA 1C3
      Validity: 2024-01-29 - 2024-04-22
      Valid: 3 months
  • *.google-analytics.com
      Issuer: GTS CA 1C3
      Validity: 2024-01-29 - 2024-04-22
      Valid: 3 months
  • *.jquery.com
      Issuer: Sectigo RSA Domain Validation Secure Server CA
      Validity: 2023-07-11 - 2024-07-14
      Valid: a year
  • *.nyc3.cdn.digitaloceanspaces.com
      Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
      Validity: 2023-04-19 - 2024-05-04
      Valid: a year
  • *.gstatic.com
      Issuer: GTS CA 1C3
      Validity: 2024-01-29 - 2024-04-22
      Valid: 3 months
  • *.nyc3.digitaloceanspaces.com
      Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
      Validity: 2023-05-12 - 2024-05-29
      Valid: a year

This page contains 2 frames:

Primary Page: https://yardim-exxen.ortusdesk.com/
Frame ID: 5ED6791E67C1861120A0F1B11574984C
Requests: 38 HTTP requests in this frame

Frame: https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Frame ID: 59A55402EF92069572DFFBA1ED37A577
Requests: 2 HTTP requests in this frame

Page Title

Exxen Yardım Merkezi

Page URL History

  1. http://yardim-exxen.ortusdesk.com/ HTTP 301
    https://yardim-exxen.ortusdesk.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 39
  • HTTPS: 97 %
  • IPv6: 92 %
  • Domains: 8
  • Subdomains: 12
  • IPs: 12
  • Countries: 2
  • Transfer: 1157 kB
  • Size: 2760 kB
  • Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://yardim-exxen.ortusdesk.com/ HTTP 301
    https://yardim-exxen.ortusdesk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
yardim-exxen.ortusdesk.com/
Redirect Chain
  • http://yardim-exxen.ortusdesk.com/
  • https://yardim-exxen.ortusdesk.com/
31 KB
6 KB
Document
General
Full URL
https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1dec34170ff73a8ef9b910aaaede204042fb4e41c0e8075fdfe2f5f260614603

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
855f43918dc69131-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 17:27:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPYKKLDfEsP66%2FmN55Oflr86VSMAb8DH41dm2EM2sl9BfBII8TzIXP1ImeRSf2LO1DXnfPAZjXS4SFMyTkRsBKs8c%2FJWbQvJG91%2FgnB3DoaZiETPZZgjftfOJtJgvlRRRGu3tp9CKmfHTUg7n%2FSCbvhqzbMXSJf7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

CF-RAY
855f4390cb462bca-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 15 Feb 2024 17:27:51 GMT
Expires
Thu, 15 Feb 2024 18:27:51 GMT
Location
https://yardim-exxen.ortusdesk.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfvqRCJSGJiaABksfFi7QXtie6qTZxGCciXU4DlHWmIGmwRCXX%2F2z78evbquPGlXAJUl3uIyN7eJmbH33RMPq8Tuj8uBmvkfTeEc6vi38dYWfBJhhVWKtTk8HmsBngmDWgrYI0ss0C58NT9L%2B7jufJXmjEPYA3tN"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
HYq16zE4eVD-KBMWeGM--VNX0VY.js
yardim-exxen.ortusdesk.com/cdn-cgi/apps/head/
5 KB
2 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/head/HYq16zE4eVD-KBMWeGM--VNX0VY.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac1ea25d1750a7b5b541ba9b4b2d90c1dfc0f908e6d7e44072453274c5aec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
x-amz-version-id
7zbpT3VrMlmZfblKZ8fHcx1O4WjvwtNT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JMDN5K95T7PTBG24
age
532792
x-amz-id-2
/mpMLTDoCgrbiMRujwHArmITmodoxLW/BJQwkI+CNCQe0wykh011wFh1MFBCyuPkWpZUfvOy5eM=
last-modified
Fri, 01 Jan 2021 22:00:21 GMT
server
cloudflare
etag
W/"7ed214a4a3d9c72383f3de7b7fb38b02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMUIXOarGpqNP7ertshzBrFPxczmqpkbNqhgQSI1qw9ojyzCt7VayDVW0cMmn%2BdOcLvNxqlripGmlvi1RDqBIQcN%2BEFjAz%2FriW8Yowt4nVc00iBi%2Fqo6Oyr9fvKNqVK0cLQc3ay3uGOcoOzowaZ8OwoJOgNFBPs2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
855f43923f369131-FRA
screen.css
yardim-exxen.ortusdesk.com/assets/built/
29 KB
7 KB
Stylesheet
General
Full URL
https://yardim-exxen.ortusdesk.com/assets/built/screen.css?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
98b69f39f04296a126394cc1fc488ea52497042746b9b35870e92eb0f44cbb32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 09:40:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
532792
x-powered-by
Express
etag
W/"72b6-18345ac15a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Vd3lMbmaKNBUOoGEEWK1qD6Mh3DszWNUzktGNqUgWkmGP9hosJR955jxR83pR%2BTJU%2Bd3Fw61fg19EqVElAk4Qi0ztNVwjXON7rAqp946Xk4ySOr80iNk9Ju3j0vER8ZircI0RF5GndBWXgvrI5%2FsDndMxudZ%2BKi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
855f43923f329131-FRA
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cdd451e1d203029095bc57864a19c70cd1be9136d13fc6884ba968c668b3dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 17:20:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Feb 2024 17:27:51 GMT
sodo-search.min.js
cdn.jsdelivr.net/npm/@tryghost/sodo-search@~1.1/umd/
197 KB
66 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@tryghost/sodo-search@~1.1/umd/sodo-search.min.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15525
x-jsd-version
1.1.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230099-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"313b2-PGFkfSo33Bwphw9PaHfsB1kMn/Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4PHxVunGFTjKvDwDj1qeDSrBEE%2FprA%2BOOc2sIjbKjhQEAFKO4cJOHuWCx50CaXaAJbn3YhXX8%2BeI4tWoSbm9H3WpzNwEDuQcr0%2FUX0nmIop8nvdLXZfxgsHSYeZFy5ksON6XbkfvHKIK4uJPlI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
855f4393ae4439ec-FRA
cards.min.js
yardim-exxen.ortusdesk.com/public/
7 KB
2 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/public/cards.min.js?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
532792
x-powered-by
Express
etag
W/"9e5964261251e02cc1d6dfb44e28481f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVIEjXKw%2FkpnKMYRfgsUlT4UDtzABIIxMfOlrODsP3bkV9ffWG2hb7Juwbm1m23qbg%2B3p5%2F7B5zwg%2BoSXpDRCb93EuRbwq6yRI5UhT%2BzZJpmTsqijoo8PZdi6LoPvy8ceSerP%2BVvrjbt9OEt0WeQ8Di1nDLbslIX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
855f4392d8319131-FRA
cards.min.css
yardim-exxen.ortusdesk.com/public/
25 KB
5 KB
Stylesheet
General
Full URL
https://yardim-exxen.ortusdesk.com/public/cards.min.css?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c999512e6410949c727b70e0afca6edc42b2d34936cd9afbb1b600fb3f5c54cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
532792
x-powered-by
Express
etag
W/"b9318467f6388557fe2bae29d33a119e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHlHWYacAN5aEJekWl0EeOdkyiqJL4cNgFZFTMGeevX%2Bu62AbT8x2xjjRvxkuugRzgHarkVueRSams1UFV3kkb1WSG%2FAt0LfNO2WluGan58uEqxs3KuRJuC%2BrDwUVUinJMqYr9hk%2FSaX94j6gyVaqaSwYBdftljw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
855f43923f349131-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 13:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 13:40:27 GMT
js
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186204470-1
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
474ac5b2658b86f8618f96760b56ccfb76c3e2ed191d46e07d9fe9c857bf6c8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71355
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 17:11:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 17:27:51 GMT
WhatsApp-Image-2021-03-10-at-09.53.53.jpeg
yardim-exxen.ortusdesk.com/content/images/2022/04/
17 KB
17 KB
Image
General
Full URL
https://yardim-exxen.ortusdesk.com/content/images/2022/04/WhatsApp-Image-2021-03-10-at-09.53.53.jpeg
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4511bc0903ed1cd0a1e79a7677689a75cdae420bc3e04b3ada558550e93d9055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532792
x-powered-by
Express
content-length
17278
cf-bgj
h2pri
last-modified
Wed, 31 Aug 2022 12:16:44 GMT
server
cloudflare
etag
W/"437e-182f3d513e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL5NTpqDtjyGsk7V5GEHlcDNHi220psOBVvom%2F1woThMWiT%2BKqksTvQCoCo8%2BRJFRLFnxBu2NSy1dlITblyo2bBVEHNFurwq%2BfQXMfv379DjkIdJCyJJJlXrXFrKfe6%2FgA3Fux7mQTpN4GRmcexkcwAWnoCMFGJz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855f43923f389131-FRA
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
821030
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-fra-etou8220127-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1708018071.461187,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 9653
main.min.js
yardim-exxen.ortusdesk.com/assets/built/
86 KB
26 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/assets/built/main.min.js?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e68b1ff5a9d1bb881f3403c41e9f033b5b534f1366242d351beca07f0dc13f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 09:40:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
532792
x-powered-by
Express
etag
W/"1597a-18345ac15a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT6xCIpf%2BnI5jucX03jk9W4FPWEAoQ6pRbwjhYx7aKwKm3ylc8dLHVHTbjEMi%2BNIgy1MOfq%2Fueai7vtyJk0IntC0AgroXBZyYzRGGSo9EVSCjl0kvdVinMWEQZHLd1Q8ozuObITMAtKTUrj4FwaA%2BvTA08PDEqNc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
855f43927f979131-FRA
js
www.googletagmanager.com/gtag/
231 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EXC37LC4VS
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa1343f0cd562a56f698187039652975b38b3758b35b2bed914ec2b7e4c23a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85898
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 17:27:51 GMT
ortus4c1.js
ortus-cdn.nyc3.cdn.digitaloceanspaces.com/app/centros4c/assets/
388 KB
75 KB
Script
General
Full URL
https://ortus-cdn.nyc3.cdn.digitaloceanspaces.com/app/centros4c/assets/ortus4c1.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9db444c52a2c29557ab12d6a35bf308b7ba4d0f1cc21a0c4a9cab24761205eff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000016184019-00656a23c3-41e2d025-nyc3a
age
531428
x-envoy-upstream-healthchecked-cluster
last-modified
Tue, 11 Oct 2022 18:24:54 GMT
server
cloudflare
etag
W/"c0040c84d07c0ad657e23b0bc7ebe283"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/javascript
x-do-cdn-uuid
f270c43c-6eb3-46df-b7bb-e42bcda4021d
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
855f4393db509107-FRA
d8I8-yNNSslLKLDP9kkyaXmCAxI.js
yardim-exxen.ortusdesk.com/cdn-cgi/apps/body/
4 KB
2 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/body/d8I8-yNNSslLKLDP9kkyaXmCAxI.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/head/HYq16zE4eVD-KBMWeGM--VNX0VY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c3c23d319543fa4e8bb298779cf19cdeeef636fb820a5224420470a63f2dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
x-amz-version-id
PJtMR7UkBSYz8WVzihMAuMvl8.l0y6e7
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8NZXZ818PGH122GT
age
532791
x-amz-id-2
wBxGctVf81MkGsp5FBFiiYo+fOgdJgMWw5LLQRfQSQuWzy7qmoSFTjBt/I5C6IEE4jSPYdbGOMA=
last-modified
Fri, 01 Jan 2021 22:00:21 GMT
server
cloudflare
etag
W/"065efbe4008e8cc05d17526f83b1ac57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbONo5WKLouWjd8LFn3SSSmaHS1z7Z8CU2%2BDFxsQdXeef%2FYxPxF7jrzNI7o4JMNHJ2rndWHkHh1a6eqJXY8Gw%2F33uBtPKCWmQ6cXgb03NjVHDYWNfmSm8S8Tpt7%2FIKc0DKd7773cfgYUF6M%2BphjLqxXevSptZFvW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
855f4392d8329131-FRA
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/gif
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 05:18:28 GMT
x-content-type-options
nosniff
age
130163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 05:18:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:51:30 GMT
x-content-type-options
nosniff
age
203781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:51:30 GMT
IVEEL.ttf
yardim-exxen.ortusdesk.com/assets/fonts/
5 KB
4 KB
Font
General
Full URL
https://yardim-exxen.ortusdesk.com/assets/fonts/IVEEL.ttf
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/assets/built/screen.css?v=f22d8b9259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
661faaf4c1a3f80585431a7f923c582239c0d893a98a297cb531c659612d60cc

Request headers

Referer
https://yardim-exxen.ortusdesk.com/assets/built/screen.css?v=f22d8b9259
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532791
x-powered-by
Express
last-modified
Fri, 16 Sep 2022 09:40:49 GMT
server
cloudflare
etag
W/"149c-18345ac1584"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JCMwEE8DJ%2FTGL%2FmFKXYuidlVZ1Z7Ir9Zntmq7tVLoXIYDY0OSz%2F0rXcCVW2nXgOz8UB5w3Z9OHHw%2BwMVcUNQN9KRE6a9fVFiXFpZ76IrfGgT10qaBEVMIBvSc08tsUxw6aM%2BpThKf1PMXwo%2BOWPtR9doqtbzyMP"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
855f439389399131-FRA
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:49:41 GMT
x-content-type-options
nosniff
age
203890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:49:41 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 23:53:18 GMT
x-content-type-options
nosniff
age
149673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 23:53:18 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 00:14:38 GMT
x-content-type-options
nosniff
age
234793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 00:14:38 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:00:05 GMT
x-content-type-options
nosniff
age
203266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:00:05 GMT
Untitled-1-copy-3.jpg
yardim-exxen.ortusdesk.com/content/images/2022/04/
250 KB
251 KB
Image
General
Full URL
https://yardim-exxen.ortusdesk.com/content/images/2022/04/Untitled-1-copy-3.jpg
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7045f0d3c1939d4d923723b687acb5c3ca0d9dafac43a478ffddc302814e4b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532791
x-powered-by
Express
content-length
256305
cf-bgj
h2pri
last-modified
Wed, 31 Aug 2022 12:16:44 GMT
server
cloudflare
etag
W/"3e931-182f3d513e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqpnahO8SGKS5CLZwOmOsU%2FU0wVxD48mKlroKouU1nEP85QuzjzThN92biZFLKRuDVOUAb%2BomOPZ2ALDvbnWZmjtYoIZiPEfRpdUtYdvj0UyEhParSXWAV%2Bvt%2FtXE2U0bqslHp728DmHOoSHNPt7x2Hx0tJ2u%2FH6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855f4393893c9131-FRA
js
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186355045-1
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/body/d8I8-yNNSslLKLDP9kkyaXmCAxI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2407fcd7fd08560b1dc76b888a8886a000572280aa78c66d1b5f2452607d475f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71353
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 17:27:51 GMT
ortus4c_implementation1.css
ortus-cdn.nyc3.digitaloceanspaces.com/app/centros4c/assets/
3 KB
3 KB
Stylesheet
General
Full URL
https://ortus-cdn.nyc3.digitaloceanspaces.com/app/centros4c/assets/ortus4c_implementation1.css
Requested by
Host: ortus-cdn.nyc3.cdn.digitaloceanspaces.com
URL: https://ortus-cdn.nyc3.cdn.digitaloceanspaces.com/app/centros4c/assets/ortus4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
nyc3.digitaloceanspaces.com
Software
/
Resource Hash
bbc2376cc6da447ae1e2578f411ee993b6620aa5e9df3b96b52dfbceada10157
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 11 Oct 2022 18:28:39 GMT
x-amz-request-id
tx000000000000008172f4e-0065ce4965-41e487bf-nyc3a
age
50
etag
"ffe66b48b0c06a924e487f025bb6fed9"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
2694
chatLogo
exxen.ortusdesk.com/centros/servlet/
33 KB
33 KB
Image
General
Full URL
https://exxen.ortusdesk.com/centros/servlet/chatLogo?channelKey=EXXEN_OFFLINE
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a2935792fd34293b12772609b5bf9f56be66337a4ed04b6c68f2b432b23b7b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-b3-traceid
7273de0665363e5e
content-length
33739
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2B57vkX10niWTjRddzeBy5i%2FRLJoJ0Pxjq4kF740oT1ZoSPiX3BXeFPRCb3tFqm9dpa0%2FS6u31ahgJPlBF7AzqVOPofRdHA0zOodDF8x67Ul38weZa24zdSgCUlwHBXfHgmWZcwWV3qSAiSP3rFfTw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
855f43948ae99131-FRA
expires
0
main.js
yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame 59A5
Redirect Chain
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
8 KB
4 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
060f48a9e3d1bc4bda7190864d53461f70b6078c966b84b0c49073006188e653
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxLhiJ8miUBL6MjgKYVgRb81DPr7FOQJhgrq9cPPQo2HAccA%2Bbxi5%2FUIGfowX1j1n6YO%2FYaxI54BPqgSZTD64JUO%2FyAsMOLCUO6Kx2E4sukujl5VWduTThHxuuqhzy4eXrK4jJ%2BVJICfBvrZdzI8zg7lYZiPaZyL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
855f4394bb409131-FRA

Redirect headers

date
Thu, 15 Feb 2024 17:27:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oD4UqbEZi2%2B4ML%2BUGQ%2Bdrwz3Fluq0DTZeKgHAAQ67bQvj7ddbt81GYY4fdbGIXRPooJwuoQvojQT3jJwNnkjXJyacf6Tc7peXIUlBfjjEFYTBDDP4lll55EwgVzLOJ6cc0ZLKw025nRX0Jlg%2B9qzTHiCV2rYVwn"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
cache-control
max-age=300, public
cf-ray
855f43946ad29131-FRA
/
yardim-exxen.ortusdesk.com/ghost/api/v3/content/posts/
68 KB
14 KB
XHR
General
Full URL
https://yardim-exxen.ortusdesk.com/ghost/api/v3/content/posts/?key=ab5e00022f576526eb315cc5e5&limit=all&fields=id,title,excerpt,url,updated_at,visibility&order=updated_at%20desc&formats=plaintext
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
000a7ffc64432f1d28b7d0cc2f64af4c379dcd8254891b1543a23dfc6999ae23

Request headers

Accept
*/*
Referer
https://yardim-exxen.ortusdesk.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-version
v5.12
server
cloudflare
etag
W/"110b2-Hbcxrfr1JeXrd7Jw00BPRECckso"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpvWXiYEtfEd8mLBTwrqMdqAkJfOPAIEa0yNF15u%2BOA%2ByHtgffkZ%2BcbW%2B9koSOODyyASWEAjhUlyL9o4RnTPrBCi217zeCo6234Df8604RoHmJl4%2BKO%2F%2B0x%2BkdvUsxTAO6u%2F6d%2BcW0SdCdvagmRFGQD%2Fv3wQZdEK"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
deprecation
version="v3"
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray
855f43947ae69131-FRA
link
<https://yardim-exxen.ortusdesk.com/ghost/api/content/posts/?key=ab5e00022f576526eb315cc5e5&limit=all&fields=id,title,excerpt,url,updated_at,visibility&order=updated_at%20desc&formats=plaintext>; rel="latest-version"
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 21:16:49 GMT
x-content-type-options
nosniff
age
245462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Feb 2025 21:16:49 GMT
collect
region1.google-analytics.com/g/
0
262 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EXC37LC4VS&gtm=45je42c0za200&_p=1708018071490&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=610127816.1708018072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708018071&sct=1&seg=0&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&dt=Exxen%20Yard%C4%B1m%20Merkezi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=665
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EXC37LC4VS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 17:27:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186355045-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EXC37LC4VS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d77ba8b41edc639c72b7a5fe74fffc17bd6d5a53a602bde53e2003c22c96e4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71338
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 17:27:51 GMT
js
www.googletagmanager.com/gtag/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-23LK3ZBWSC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186204470-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dade077d159e585448e02a3608dcfe3a7b28289349209904603525a88d5a218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83435
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 17:27:51 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186204470-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 15:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5982
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Feb 2024 17:48:09 GMT
js
www.googletagmanager.com/gtag/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFJWK73FR7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186355045-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6be5e77f167f7d084676d5feae148b0ae988040bd041d649867c6cac35463bc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83433
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 17:27:51 GMT
855f43918dc69131
yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 59A5
0
514 B
XHR
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/g/jsd/r/855f43918dc69131
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Feb 2024 17:27:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
855f43954c339131-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DZknfTr77hz6DxJL2MkXw22NnffNlkmtETpRkZoWeCoKwvn3w4FV3i4Oyz5HsqefZWfpkZ5oLvQVbaoFTj%2FH9wydRIY8D%2FUVEYr8f2czGT3r%2FLEMzl573qDdSdOBwKlf2IIC%2FAuSCwCKMcYwEgPZP%2F0RsQlRI%2Fo"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/
1 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1643633205&t=pageview&_s=1&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&ul=en-us&de=UTF-8&dt=Exxen%20Yard%C4%B1m%20Merkezi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1278749211&gjid=782952710&cid=610127816.1708018072&tid=UA-186204470-1&_gid=675064911.1708018072&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=877645095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 17:27:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1643633205&t=pageview&_s=1&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&ul=en-us&de=UTF-8&dt=Exxen%20Yard%C4%B1m%20Merkezi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=504290002&gjid=522195432&cid=610127816.1708018072&tid=UA-186355045-1&_gid=675064911.1708018072&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=916208353
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 17:27:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-23LK3ZBWSC&gtm=45je42c0v9114780992za200&_p=1708018071490&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=610127816.1708018072&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708018071&sct=1&seg=0&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&dt=Exxen%20Yard%C4%B1m%20Merkezi&en=page_view&_fv=1&_ss=1&tfd=810
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23LK3ZBWSC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 17:27:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NFJWK73FR7&gtm=45je42c0v9114570078za200&_p=1708018071490&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=610127816.1708018072&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708018071&sct=1&seg=0&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&dt=Exxen%20Yard%C4%B1m%20Merkezi&en=page_view&_fv=1&_ss=1&tfd=822
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFJWK73FR7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 17:27:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| CloudflareApps string| siteUrl function| $ function| jQuery string| gh_search_key string| gh_search_migration function| gtag object| link object| dataLayer object| body function| search function| featured function| video function| gallery function| table function| mobileMenu function| lunr function| elasticlunr function| jarallax object| lazySizesConfig object| lazySizes string| GoogleAnalyticsObject function| ga object| CryptoJS boolean| formOpened function| addStyle function| addScript function| openForm boolean| loadedIframe function| loadIframe function| closeForm function| minimizeMaximize function| ortusCobInit function| create4cPopup function| create4cLink function| create4cPopupCob object| Centros undefined| OrtusCobConfig_ignoreForms undefined| OrtusCobConfig_autoStart function| io object| centrosInstance function| qt function| Kt function| zt function| Yt function| Ft function| Nt string| encodedSource object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
.ortusdesk.com/ Name: _ga_EXC37LC4VS
Value: GS1.1.1708018071.1.0.1708018071.0.0.0
.ortusdesk.com/ Name: _gid
Value: GA1.2.675064911.1708018072
.ortusdesk.com/ Name: _gat_gtag_UA_186204470_1
Value: 1
.ortusdesk.com/ Name: _gat_gtag_UA_186355045_1
Value: 1
.ortusdesk.com/ Name: _ga_23LK3ZBWSC
Value: GS1.1.1708018071.1.0.1708018071.0.0.0
.ortusdesk.com/ Name: _ga
Value: GA1.1.610127816.1708018072
.ortusdesk.com/ Name: _ga_NFJWK73FR7
Value: GS1.1.1708018071.1.0.1708018071.0.0.0
.ortusdesk.com/ Name: cf_clearance
Value: boJdn5MOaU768m6kSddWrXlGqibUtlc92ORHG4o5loc-1708018071-1.0-AWgm7EWPy5pYVWIzBtqRAcGMa7FoUXJKzy42V9AtU1LsFntJEYwpF/6X287+fPKdp+QZFYZipA+9pKckCNGYMHA=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
