urlscan.io logo urlscan.io
SecurityTrails logo

gazivakfi.org Open in urlscan Pro
2606:4700:3035::ac43:ce20  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://360-insurance.com/maday.html
Effective URL: https://gazivakfi.org/zld/
Submission: On June 06 via manual from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3035::ac43:ce20, located in United States and belongs to CLOUDFLARENET, US. The main domain is gazivakfi.org.
TLS certificate: Issued by GTS CA 1P5 on May 9th 2023. Valid for: 3 months.
This is the only time gazivakfi.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

5    107.154.147.24 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.147.24.ip.incapdns.net
360-insurance.com
16    2606:4700:3035::ac43:ce20 (United States)

ASN13335 (CLOUDFLARENET, US)
gazivakfi.org
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
Apex Domain
Subdomains		 Transfer
16 gazivakfi.org
gazivakfi.org
593 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
40 KB
5 360-insurance.com
360-insurance.com
25 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
translate.googleapis.com — Cisco Umbrella Rank: 1093
77 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1430
28 KB
32 5
Domain Requested by
16 gazivakfi.org 1 redirects gazivakfi.org
5 360-insurance.com 360-insurance.com
4 fonts.gstatic.com gazivakfi.org
3 www.gstatic.com gazivakfi.org
www.gstatic.com
2 fonts.googleapis.com gazivakfi.org
1 translate.googleapis.com
1 translate.google.com gazivakfi.org
32 7

This site contains links to these domains. Also see Links.

Domain
translate.google.com
Subject Issuer Validity Valid
360-insurance.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-12 -
2024-05-11		 a year crt.sh
gazivakfi.org
GTS CA 1P5		 2023-05-09 -
2023-08-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://gazivakfi.org/zld/
Frame ID: 8DA552089345EFFFD0202B463E8B2CFF
Requests: 35 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2F13CAE2188314F135BBDB1E762850F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

الصفحة غير موجودة. – Gazi Vakfı

Page URL History Show full URLs

  1. https://360-insurance.com/maday.html Page URL
  2. https://360-insurance.com/maday.html Page URL
  3. https://gazivakfi.org/zld/ Page URL
  4. https://gazivakfi.org/cdn-cgi/phish-bypass?atok=rpnZFk5T6V.EiFuMW6UoM9.sWvrGBtULYY5dBw53zaA-168605... HTTP 301
    https://gazivakfi.org/zld/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

9
IPs

2
Countries

764 kB
Transfer

2511 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://360-insurance.com/maday.html Page URL
  2. https://360-insurance.com/maday.html Page URL
  3. https://gazivakfi.org/zld/ Page URL
  4. https://gazivakfi.org/cdn-cgi/phish-bypass?atok=rpnZFk5T6V.EiFuMW6UoM9.sWvrGBtULYY5dBw53zaA-1686057531-0-%2Fzld%2F HTTP 301
    https://gazivakfi.org/zld/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
maday.html
360-insurance.com/ 		212 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
212
content-type
text/html
x-iinfo
11-397045-0 0NNN RT(1686057530206 282) q(0 -1 -1 3) r(0 -1) B10(4,314,0) U18
_Incapsula_Resource
360-insurance.com/ 		171 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://360-insurance.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash
22ee33c91aa386bbe2b32653247c6d4d852db499153849fbdee1c37c76ef554e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
25004
content-type
application/javascript
_Incapsula_Resource
360-insurance.com/ 		29 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://360-insurance.com/_Incapsula_Resource?SWHANEDL=3817151722004239217,10379158575864306750,6951303498963590178,23961
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
29
content-type
application/javascript
maday.html
360-insurance.com/ 		75 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://360-insurance.com/maday.html
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
Apache /
Resource Hash

Request headers

Referer
https://360-insurance.com/maday.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html
date
Tue, 06 Jun 2023 13:18:51 GMT
last-modified
Sun, 07 May 2023 22:45:08 GMT
server
Apache
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
11-397045-397164 NNNN CT(15 22 0) RT(1686057530206 803) q(0 0 0 -1) r(0 0) U12
_Incapsula_Resource
360-insurance.com/ 		1 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://360-insurance.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4766253455476208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
360-insurance.com/ 		0
0
/
gazivakfi.org/zld/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831aca98baef2556f47feb26a149913fe8474a72e8442ef9534cd19df49dfa5c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://360-insurance.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-ray
7d30f1933a7d18dd-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 13:18:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMrizHddRLqqXWZAiEsEGZItX%2BL%2F787NuKcm0pIXTXR%2B8IfxIOh9s%2BXaG2ZQJCgoqp7asUiTJ8LbTHvug328ogSjfiRJh5mCdpn%2FVR5FHAbo5zhgfedp49Zr6DvuiyNZDvOo4gDyq2MLsZml"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
gazivakfi.org/cdn-cgi/styles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:20:42 GMT
server
cloudflare
etag
W/"6476144a-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7d30f1937ada18dd-FRA
expires
Tue, 06 Jun 2023 15:18:51 GMT
icon-exclamation.png
gazivakfi.org/cdn-cgi/images/ 		452 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gazivakfi.org/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:18:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:20:42 GMT
server
cloudflare
etag
"6476144a-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7d30f1940b7418dd-FRA
content-length
452
expires
Tue, 06 Jun 2023 15:18:51 GMT
Primary Request /
gazivakfi.org/zld/
Redirect Chain
  • https://gazivakfi.org/cdn-cgi/phish-bypass?atok=rpnZFk5T6V.EiFuMW6UoM9.sWvrGBtULYY5dBw53zaA-1686057531-0-%2Fzld%2F
  • https://gazivakfi.org/zld/
955 KB
139 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
aa5f331d519cb77adc272b6ca857535e850b7b3290b3d3ce050ae94a27e313a1

Request headers

Referer
https://gazivakfi.org/zld/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7d30f1aeeeb818dd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 06 Jun 2023 13:19:04 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://gazivakfi.org/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Tl8a4QmnHncX78m29HGmUoAANkN2xB8oxC%2B%2BkYFByrkG2IephN97pjcBHZR9XS0Gv2xAAE4Gl0%2FKyOZ7IHH02rGhlQ5P3YOr51fW%2BSQ02ITHWJsDOEF5v9Dw46QkYk7JY1KHIiQ65VAxVcP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34

Redirect headers

cache-control
private, no-cache
cf-ray
7d30f1aebe9418dd-FRA
content-length
167
content-type
text/html
date
Tue, 06 Jun 2023 13:18:55 GMT
location
https://gazivakfi.org/zld/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
wp-emoji-release.min.js
gazivakfi.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpb8fBauhKOErO7gpwc%2B2RCRAJUvvV22MOVixSGr9aJL2o6klyRmQKR13uiUe3%2FvnDyEX8h136aQ7VGRlfGY8oZaPdbMz7yIWHilX7kWjuJBQGXxGnLQ2Fu%2F5SZ9nH0QodHs7S0VAx%2BZhQad"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d30f1eaed3018dd-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		386 B
710 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Candal%3A300%2C400%2C700&ver=6.2.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bcef800867269a61c0c29a8d34fdcb69a7d565ac91549f7ede2e0d739cea7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Jun 2023 13:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 13:19:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jun 2023 13:19:05 GMT
css
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Times+New+Roman%3A300%2C400%2C700&ver=6.2.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
jquery.min.js
gazivakfi.org/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FoRlMYqV%2Bm6BtdtIi3XUhEm6jhGJliAM3rJYA5uN7pLXquDhsYwPjYtkuYZk7JFoTUwzK4puL4tMPmMfoMTC0ncbE5ozkQ6R2AFHaySpyjDyxkm7f0NQbfjVXbInaO5G8LufMSJjklQKJX4g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d30f1eaed3318dd-FRA
alt-svc
h3=":443"; ma=86400
wp-polyfill-inert.min.js
gazivakfi.org/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2UCN6qzMap88wPP9fmYlVu2MbQlQtTO7CNxTV6tgurI47wYXuoIevMiKs3lxHzBpk4mfCtLgh4tr9Q6249iwoh8j2L6dEW1%2F3B16%2FrA5xxYj4JiWl1egfDsyRNpUEJcqi%2B4Ac3RqDXdjkpV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d30f1eafd4618dd-FRA
alt-svc
h3=":443"; ma=86400
regenerator-runtime.min.js
gazivakfi.org/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MorzqEstFEn%2B7YJYgPa8hvOq%2FYYJZz7GRMS8aEUEhCgK0C9WBJEl6hMuZKDdDUVVXEISRDN3oLLOZ%2FcuccjbBDVwwawUWMNRBELXVEg86c8FQp51zE%2BWLUQLMJDWNKkLdP5K%2FkHqks88wpJ8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d30f1eafd4718dd-FRA
alt-svc
h3=":443"; ma=86400
wp-polyfill.min.js
gazivakfi.org/wp-includes/js/dist/vendor/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 02 Nov 2022 06:24:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HygFYUhOSkyxcA76YwEHiseGouDPPkAcet5PgySX2k8M9Z2xuFdoXW2YzslNu9POyGiYP6sde%2BaP6qNTlzNi5wht9AaIUoDVxKJ%2Fj2VIh4hqOhuSB7%2By%2BRcgTfw3lUmjamBnk6TEcOkL%2BEHE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d30f1eafd4b18dd-FRA
alt-svc
h3=":443"; ma=86400
element.js
translate.google.com/translate_a/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
65da0a497ca6649597260dd4b22370757bd9c59d375e30ed053eacb001b7144d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 13:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
autoptimize_9801e1c459c18fe3985c499281440817.js
gazivakfi.org/wp-content/cache/autoptimize/js/ 		635 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-content/cache/autoptimize/js/autoptimize_9801e1c459c18fe3985c499281440817.js
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd89a70328b1081ddd6c9ab55dd62b64fe2a0448287671244174ed5f7107d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 06:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
84577
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltOGHrVB8qirD1BHMgQh8lf2XbMP4Gjs3rLAMw8xqwsEPd6V5%2FBAMBe9f2sqd6cJnK6GL1qny%2FtG22GiR8KeUEbqNpoM97Do2nQZndNoFtGcF%2Fq8VeRvfow6L499CZZkDBwfGg0fVTyS4h3F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=30672000, immutable
cf-ray
7d30f1f008c73a60-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 13:49:29 GMT
truncated
/ 		86 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad9028c535cbac821881768c4a56bd111bde3e9c2f7e68f97aba5780224c9dcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		86 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93236c6e908c4edbdc034eb3f6f71067d1d8c315243751da84b68330031c686a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 16:10:46 GMT
x-content-type-options
nosniff
age
594500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10256
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 16:10:46 GMT
fa-brands-400.woff2
gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Request headers

Referer
https://gazivakfi.org/zld/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Dec 2021 12:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE%2F%2Bdm6aJPShJmT24yDhs267PXF%2FtJ%2FFxrkfNVQqIXsGcRBwDbtIRNzSVeU2uVcl546uu4h7o4wOJ6jHepXHggytELjaIKt8b2DEmauMN1oQiTZkzJMmdBmgwS8mQFeIfniMdd6HZMp%2BMX56"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7d30f1f028f43a60-FRA
alt-svc
h3=":443"; ma=86400
content-length
75368
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 22:47:54 GMT
x-content-type-options
nosniff
age
225072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 22:47:54 GMT
fa-solid-900.woff2
gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009

Request headers

Referer
https://gazivakfi.org/zld/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 21 Dec 2021 12:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BF0uvmP%2BteyLxZ5PXznnf7%2F%2FIjoDhC%2FuHiL3PErWStfDenZE13%2Bg5v7tyVzMBDzFY90Jtxh3mQeXYl6r0eycXwD5rcoGAU4wtY8ODF4tUeuDO03Tuk9Q62E3eEp5VfzCJTEJHmuSzJgL6QA"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7d30f1f028f53a60-FRA
alt-svc
h3=":443"; ma=86400
content-length
75760
Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v9/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 15:51:52 GMT
x-content-type-options
nosniff
age
250034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 15:51:52 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Xp2E0_InkR0.O/d=1/rs=AN8SPfrn1KHYHpp2lqjnS0FDBwCMiN4WJg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 09:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4396
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 09:30:55 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Xp2E0_InkR0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrn1KHYHpp2lqjnS0FDBwCMiN4WJg/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Xp2E0_InkR0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrn1KHYHpp2lqjnS0FDBwCMiN4WJg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Xp2E0_InkR0.O/d=1/rs=AN8SPfrn1KHYHpp2lqjnS0FDBwCMiN4WJg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0041c31fbbec6fdc6cc8fa2a829ea66efede78fff5d1be0272c1db9362b7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 09:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77484
x-xss-protection
0
last-modified
Sat, 03 Jun 2023 11:22:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jun 2024 09:30:55 GMT
truncated
/ 		475 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
gazivakfi.org/wp-content/plugins/google-language-translator/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gazivakfi.org/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:06 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 01 Apr 2022 14:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ue63Yfctqs9N1b2eML6xBg0Yy8yf0QXJT6XYUFV81UhjuHMHbdlXEXEr1hHHS%2FauYahIyyg5g7eO4PKJdri4NG4NeTfFRqZSvsKcBNN4M3f9ELB1aCVhvTg0kDXRo5RkrbVBNE3yOqvokLNJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7d30f1f12a613a60-FRA
alt-svc
h3=":443"; ma=86400
content-length
54996
/
gazivakfi.org/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gazivakfi.org/?wc-ajax=get_refreshed_fragments
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
a3c9d9eece62711f7a700bc637f0f3972d609e4209a9960576728554debdab6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://gazivakfi.org/zld/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 13:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
alt-svc
h3=":443"; ma=86400
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yscJmY3QJ8Y%2B6ZrjF%2BBYEej9sXrt1mWIbikIW4b1vP6kcQ%2Fx7jmDQBKaF3%2FJH7incW%2BcusFRAQ2ev4Nz9Q7UJpFHcjCRVNYE8oNG%2BN0dK9AFqvXkBI1jMTTv4yfHVeoRjY%2FDPdFzvm%2BU%2FFJ7"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gazivakfi.org
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
7d30f1f13a783a60-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
truncated
/ Frame 2F13 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 17:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
332276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jun 2024 17:01:10 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 06:58:45 GMT
x-content-type-options
nosniff
age
282021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 02 Jun 2024 06:58:45 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 19:40:19 GMT
x-content-type-options
nosniff
age
149927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 03 Jun 2024 19:40:19 GMT
gazivakfi.png
gazivakfi.org/wp-content/uploads/2022/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gazivakfi.org/wp-content/uploads/2022/01/gazivakfi.png
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4e362872b85503281754e458ef06019efaf77453953483d49cad7ec350548a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 13:19:07 GMT
cf-cache-status
BYPASS
last-modified
Sat, 22 Jan 2022 18:16:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo%2FEGEPdM5i4izNIs1mExzrE03qg7ZbXqBqGbUccdS5iutKGMcuTnexC9YO0Yo%2FdTFmt7VjotQdd4Xd8o%2BkZbBPo9BI4Fp865FWdQudzQYKgB%2F%2BEJvG%2B4%2FZh8iiyMS7z0bcl%2FzI9fkSACDae"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
accept-ranges
bytes
cf-ray
7d30f1f2ed213a60-FRA
alt-svc
h3=":443"; ma=86400
content-length
4167

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
360-insurance.com
URL
https://360-insurance.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A111%2Cr%3A289)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| _0x9e23 function| _0x4d17 function| mobileCheck object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| wc_add_to_cart_params function| setREVStartSize object| RS_MODULES function| GoogleLanguageTranslatorInit object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| woocommerce_params object| wc_cart_fragments_params object| xtra_strings function| GLTFireEvent function| doGoogleLanguageTranslator object| Codevz object| Codevz_Plus object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor function| Cookies object| forbiddenTag string| numberType object| forbiddenClass object| className boolean| res object| closure_lm_78827

3 Cookies

Domain/Path Name / Value
.360-insurance.com/ Name: visid_incap_2707971
Value: cF1XH05tQ5eBG5mSZqjllzoyf2QAAAAAQUIPAAAAAAA9rIalfwJhmvR0ZvWczNmm
.360-insurance.com/ Name: incap_ses_1544_2707971
Value: XZZ1Re8BQR/XXUY/OGRtFToyf2QAAAAAwthDW0NqFBNWA9zXYqX4pg==
.gazivakfi.org/ Name: __cf_mw_byp
Value: rpnZFk5T6V.EiFuMW6UoM9.sWvrGBtULYY5dBw53zaA-1686057531-0-/zld/

2 Console Messages

Source Level URL
Text
network error URL: https://gazivakfi.org/zld/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fonts.googleapis.com/css?family=Times+New+Roman%3A300%2C400%2C700&ver=6.2.2
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

360-insurance.com
fonts.googleapis.com
fonts.gstatic.com
gazivakfi.org
translate.google.com
translate.googleapis.com
www.gstatic.com
360-insurance.com
107.154.147.24
2606:4700:3035::ac43:ce20
2a00:1450:4001:800::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200e
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
22ee33c91aa386bbe2b32653247c6d4d852db499153849fbdee1c37c76ef554e
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
65da0a497ca6649597260dd4b22370757bd9c59d375e30ed053eacb001b7144d
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
831aca98baef2556f47feb26a149913fe8474a72e8442ef9534cd19df49dfa5c
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
8bcef800867269a61c0c29a8d34fdcb69a7d565ac91549f7ede2e0d739cea7be
93236c6e908c4edbdc034eb3f6f71067d1d8c315243751da84b68330031c686a
a3c9d9eece62711f7a700bc637f0f3972d609e4209a9960576728554debdab6c
aa5f331d519cb77adc272b6ca857535e850b7b3290b3d3ce050ae94a27e313a1
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ad9028c535cbac821881768c4a56bd111bde3e9c2f7e68f97aba5780224c9dcc
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274
bcd89a70328b1081ddd6c9ab55dd62b64fe2a0448287671244174ed5f7107d1b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
cf4e362872b85503281754e458ef06019efaf77453953483d49cad7ec350548a
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
db0041c31fbbec6fdc6cc8fa2a829ea66efede78fff5d1be0272c1db9362b7b3
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016