urlscan.io logo urlscan.io
SecurityTrails logo

purchasetax.co.il Open in urlscan Pro
94.130.34.115  Public Scan

Go To Rescan Add Verdict Report
URL: https://purchasetax.co.il/
Submission: On August 21 via automatic, source rescanner — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 23 HTTP transactions. The main IP is 94.130.34.115, located in Germany and belongs to HETZNER-AS, DE. The main domain is purchasetax.co.il.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 21st 2022. Valid for: 3 months.
This is the only time purchasetax.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 94.130.34.115 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 35.246.200.101 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
23 6
13    94.130.34.115 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lassie.myhcloud.com
purchasetax.co.il
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.246.200.101 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: c5.vangus.io
www.naye.co.il
naye.co.il
102tax.co.il
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 purchasetax.co.il
purchasetax.co.il
445 KB
3 gstatic.com
fonts.gstatic.com
44 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 naye.co.il
www.naye.co.il
naye.co.il
462 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 102tax.co.il
102tax.co.il
310 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
41 KB
23 7
Domain Requested by
13 purchasetax.co.il purchasetax.co.il
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com purchasetax.co.il
1 102tax.co.il purchasetax.co.il
1 naye.co.il purchasetax.co.il
1 www.naye.co.il 1 redirects
1 www.googletagmanager.com purchasetax.co.il
23 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
102tax.co.il
Subject Issuer Validity Valid
purchasetax.co.il
cPanel, Inc. Certification Authority		 2022-08-21 -
2022-11-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
102tax.co.il
R3		 2022-08-04 -
2022-11-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://purchasetax.co.il/
Frame ID: CF455D95EDCB78731DDCE307DC3B8AE2
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

אודות - מס רכישה

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor
  • <section class=(?:"|')[^"']*elementor
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

67 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

862 kB
Transfer

1868 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.naye.co.il/wp-content/uploads/2017/08/logo-w.svg HTTP 301
  • https://naye.co.il/

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
purchasetax.co.il/ 		48 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed / PHP/7.0.33
Resource Hash
8a9b050ac89d8f618c7ee085890beae1ff3c331b66d63136979d89b2fcf358e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
9791
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 02:47:13 GMT
etag
"109-1660752873;br"
link
<https://purchasetax.co.il/wp-json/>; rel="https://api.w.org/" <https://purchasetax.co.il/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.0.33
autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
purchasetax.co.il/wp-content/cache/autoptimize/css/ 		464 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
5fc67e0e2be6b8aeb14e3ca59f2bf1a31c86958b15444c6e9897a50efb231085

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Tue, 07 Jul 2020 09:02:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
accept-ranges
bytes
content-length
62557
expires
Fri, 11 Aug 2023 02:47:13 GMT
autoptimize_single_085080268d2c2e8dc5c71d9c18f6ba36.css
purchasetax.co.il/wp-content/cache/autoptimize/css/ 		111 B
141 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_single_085080268d2c2e8dc5c71d9c18f6ba36.css?ver=1593008449
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
83ca0ebc3735c31c03fe52ae8914a96bbf3a903722c9ca48bf7eda8ae53f9b65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
last-modified
Tue, 07 Jul 2020 09:02:54 GMT
server
LiteSpeed
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
accept-ranges
bytes
content-length
111
expires
Fri, 11 Aug 2023 02:47:13 GMT
autoptimize_single_d84602621716ab5110dc21cf537df46b.css
purchasetax.co.il/wp-content/cache/autoptimize/css/ 		2 KB
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_single_d84602621716ab5110dc21cf537df46b.css?ver=1593008449
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
a7851ac6217c049188843c71823b81e7ee0c7245a3b32f562e7981cf86685249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Tue, 07 Jul 2020 09:02:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
accept-ranges
bytes
content-length
419
expires
Fri, 11 Aug 2023 02:47:13 GMT
autoptimize_single_afe672438c4040c7371209aa23b8a03d.css
purchasetax.co.il/wp-content/cache/autoptimize/css/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_single_afe672438c4040c7371209aa23b8a03d.css?ver=1593008449
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
b31184d97ba8258c5cb9ed302a4298b58aabb22006031939038995dea60f8688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Tue, 07 Jul 2020 09:02:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
accept-ranges
bytes
content-length
1362
expires
Fri, 11 Aug 2023 02:47:13 GMT
autoptimize_single_a84fc0583016c667779d6893c84d9b39.css
purchasetax.co.il/wp-content/cache/autoptimize/css/ 		7 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_single_a84fc0583016c667779d6893c84d9b39.css?ver=1593008449
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
cf0857dbbe84018c0139750ffd29a46134e0e9019da97d719c79916a0214c719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Tue, 07 Jul 2020 09:02:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=30672000,public, immutable
accept-ranges
bytes
content-length
978
expires
Fri, 11 Aug 2023 02:47:13 GMT
css
fonts.googleapis.com/ 		1020 B
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Yatra+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=hebrew&ver=5.4.10
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bfddf8c0607ed53f657a74db851f439372035faf2e996fe0e4f533a47ced4335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 02:47:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 02:47:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 02:47:13 GMT
opensanshebrew.css
fonts.googleapis.com/earlyaccess/ 		5 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/opensanshebrew.css?ver=5.4.10
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25e905a4cbc6a26d6d0a1e720b8f0cb5c809eee25c625ba1bf452c3bbfc98e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 21 Aug 2022 02:47:13 GMT
jquery.js
purchasetax.co.il/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Tue, 07 Jul 2020 08:52:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
32853
expires
Sun, 28 Aug 2022 02:47:13 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54918383-20
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e88cbc1c3837a9224531f66b32f86ba67f7de90c681c61de8bf2b64ed4a8aa6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41852
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Aug 2022 02:47:13 GMT
cropped-logo-yn.png
purchasetax.co.il/wp-content/uploads/2020/02/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://purchasetax.co.il/wp-content/uploads/2020/02/cropped-logo-yn.png
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
0f4a885c8f98de7948db39ebfab0d750be3d69cd752a382b44e3f7be9495560c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
last-modified
Tue, 07 Jul 2020 08:52:09 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
47839
expires
Sun, 28 Aug 2022 02:47:13 GMT
/
naye.co.il/
Redirect Chain
  • https://www.naye.co.il/wp-content/uploads/2017/08/logo-w.svg
  • https://naye.co.il/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naye.co.il/
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H2
Server
35.246.200.101 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
c5.vangus.io
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

date
Sun, 21 Aug 2022 02:47:15 GMT
server
nginx
x-powered-by
PHP/7.4.30
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://naye.co.il/
cache-control
max-age=0
link
</wp-includes/css/dist/block-library/style.min.css>; as=style; rel=preload;
content-length
0
x-redirect-by
WordPress
expires
Sun, 21 Aug 2022 02:47:13 GMT
autoptimize_17224962d764ff0d2778ea8086db16a4.js
purchasetax.co.il/wp-content/cache/autoptimize/js/ 		503 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/cache/autoptimize/js/autoptimize_17224962d764ff0d2778ea8086db16a4.js
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
ff98d5fffbc0dbf4049f0f470366c8e9cc9f44f710f96b24c572fe6d1287ed36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 14:36:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30672000,public, immutable
accept-ranges
bytes
content-length
128967
expires
Fri, 11 Aug 2023 02:47:13 GMT
wp-emoji-release.min.js
purchasetax.co.il/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-includes/js/wp-emoji-release.min.js?ver=5.4.10
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 14:35:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4272
expires
Sun, 28 Aug 2022 02:47:13 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54918383-20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6076
date
Sun, 21 Aug 2022 01:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 21 Aug 2022 03:05:57 GMT
fa-solid-900.woff2
purchasetax.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Origin
https://purchasetax.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
last-modified
Tue, 07 Jul 2020 08:52:09 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
76084
expires
Sun, 28 Aug 2022 02:47:13 GMT
fa-regular-400.woff2
purchasetax.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

Referer
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Origin
https://purchasetax.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
last-modified
Tue, 07 Jul 2020 08:52:09 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13576
expires
Sun, 28 Aug 2022 02:47:13 GMT
fa-brands-400.woff2
purchasetax.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://purchasetax.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
94.130.34.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lassie.myhcloud.com
Software
LiteSpeed /
Resource Hash
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Request headers

Referer
https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_73fe2ef1c28a560fc133c58305641ae4.css
Origin
https://purchasetax.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 02:47:13 GMT
last-modified
Tue, 07 Jul 2020 08:52:09 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
75936
expires
Sun, 28 Aug 2022 02:47:13 GMT
C8ch4copsHzj8p7NaF0BxFmA.woff2
fonts.gstatic.com/s/yatraone/v14/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/yatraone/v14/C8ch4copsHzj8p7NaF0BxFmA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yatra+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=hebrew&ver=5.4.10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86e1ebd67675aec3c0420d8367a36221e97180dc5c359f7a9b2fa1512237f711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://purchasetax.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 05:38:09 GMT
x-content-type-options
nosniff
age
594544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15656
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:50:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 05:38:09 GMT
slider-scaled.jpg
102tax.co.il/wp-content/uploads/2020/02/ 		310 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://102tax.co.il/wp-content/uploads/2020/02/slider-scaled.jpg
Requested by
Host: purchasetax.co.il
URL: https://purchasetax.co.il/wp-content/cache/autoptimize/css/autoptimize_single_d84602621716ab5110dc21cf537df46b.css?ver=1593008449
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.246.200.101 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
c5.vangus.io
Software
nginx /
Resource Hash
a5a22405ce2ffc32d41eabf35a16fd69d06958a2eac9c209bc4267faed53065a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://purchasetax.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
public
date
Sun, 21 Aug 2022 02:47:13 GMT
last-modified
Tue, 18 Feb 2020 11:57:25 GMT
server
nginx
etag
"5e4bd125-4d771"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
317297
expires
Tue, 20 Sep 2022 02:47:13 GMT
OpenSansHebrew-Bold.woff2
fonts.gstatic.com/ea/opensanshebrew/v3/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/opensanshebrew/v3/OpenSansHebrew-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/opensanshebrew.css?ver=5.4.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f279b27c82c089bce1998a9ce8864f9211d98e5a08de95819444ea7aecc687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://purchasetax.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:48:53 GMT
x-content-type-options
nosniff
age
467900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14060
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 16:48:53 GMT
OpenSansHebrew-ExtraBold.woff2
fonts.gstatic.com/ea/opensanshebrew/v3/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/opensanshebrew/v3/OpenSansHebrew-ExtraBold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/opensanshebrew.css?ver=5.4.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72b799606f7152e21ff988b2c67f4a59865deb2d180b33ab471ab8220325521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://purchasetax.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 09:18:33 GMT
x-content-type-options
nosniff
age
581320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14480
x-xss-protection
0
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Aug 2023 09:18:33 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1459320452&t=pageview&_s=1&dl=https%3A%2F%2Fpurchasetax.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%90%D7%95%D7%93%D7%95%D7%AA%20-%20%D7%9E%D7%A1%20%D7%A8%D7%9B%D7%99%D7%A9%D7%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1942229123&gjid=567638282&cid=1911304384.1661050034&tid=UA-54918383-20&_gid=1701642780.1661050034&_r=1&gtm=2ou8h0&z=2003364338
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://purchasetax.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Aug 2022 02:47:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://purchasetax.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings object| SDT_DATA undefined| $ function| jQuery string| DTGS_NONCE_FRONTEND object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| quicktagsL10n object| drawitFE object| ElementorProFrontendConfig object| elementorFrontendConfig object| twemoji object| wp object| edButtons function| edAddTag function| edCheckOpenTags function| edCloseAllTags function| edInsertImage function| edInsertLink function| edInsertTag function| edLink function| edQuickLink function| edRemoveTag function| edShowButton function| edShowLinks function| edSpell function| edToolbar function| QTags function| quicktags function| edInsertContent function| edButton string| plugin_slug string| plugin_name string| media_upload_url object| jQuery1124015246791492636302 function| EventEmitter object| eventie function| imagesLoaded object| __core-js_shared__ object| core object| elementorModules function| Sticky object| elementorProFrontend object| DialogsManager function| Waypoint function| Swiper function| ShareLink object| elementorFrontend object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.purchasetax.co.il/ Name: _ga
Value: GA1.3.1911304384.1661050034
.purchasetax.co.il/ Name: _gid
Value: GA1.3.1701642780.1661050034
.purchasetax.co.il/ Name: _gat_gtag_UA_54918383_20
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

102tax.co.il
fonts.googleapis.com
fonts.gstatic.com
naye.co.il
purchasetax.co.il
www.google-analytics.com
www.googletagmanager.com
www.naye.co.il
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
35.246.200.101
94.130.34.115
04f279b27c82c089bce1998a9ce8864f9211d98e5a08de95819444ea7aecc687
0f4a885c8f98de7948db39ebfab0d750be3d69cd752a382b44e3f7be9495560c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
25e905a4cbc6a26d6d0a1e720b8f0cb5c809eee25c625ba1bf452c3bbfc98e46
5fc67e0e2be6b8aeb14e3ca59f2bf1a31c86958b15444c6e9897a50efb231085
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
83ca0ebc3735c31c03fe52ae8914a96bbf3a903722c9ca48bf7eda8ae53f9b65
86e1ebd67675aec3c0420d8367a36221e97180dc5c359f7a9b2fa1512237f711
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
8a9b050ac89d8f618c7ee085890beae1ff3c331b66d63136979d89b2fcf358e7
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5a22405ce2ffc32d41eabf35a16fd69d06958a2eac9c209bc4267faed53065a
a7851ac6217c049188843c71823b81e7ee0c7245a3b32f562e7981cf86685249
b31184d97ba8258c5cb9ed302a4298b58aabb22006031939038995dea60f8688
bfddf8c0607ed53f657a74db851f439372035faf2e996fe0e4f533a47ced4335
cf0857dbbe84018c0139750ffd29a46134e0e9019da97d719c79916a0214c719
d72b799606f7152e21ff988b2c67f4a59865deb2d180b33ab471ab8220325521
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88cbc1c3837a9224531f66b32f86ba67f7de90c681c61de8bf2b64ed4a8aa6f
ff98d5fffbc0dbf4049f0f470366c8e9cc9f44f710f96b24c572fe6d1287ed36