Submitted URL: http://yardim-exxen.ortusdesk.com/
Effective URL: https://yardim-exxen.ortusdesk.com/
Submission: On December 11 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 39 HTTP transactions. The main IP is 2606:4700:20::681a:a70, located in United States and belongs to CLOUDFLARENET, US. The main domain is yardim-exxen.ortusdesk.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 10th 2023. Valid for: a year.
This is the only time yardim-exxen.ortusdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
16 | ortusdesk.com | yardim-exxen.ortusdesk.com; exxen.ortusdesk.com | 375 KB
7 | gstatic.com | fonts.gstatic.com | 99 KB
6 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27; region1.google-analytics.com — Cisco Umbrella Rank: 2189 | 21 KB
6 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 453 KB
2 | digitaloceanspaces.com | ortus-cdn.nyc3.cdn.digitaloceanspaces.com; ortus-cdn.nyc3.digitaloceanspaces.com | 77 KB
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29; ajax.googleapis.com — Cisco Umbrella Rank: 340 | 32 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 735 | 30 KB
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 313 | 66 KB
39 | 8

Count | Domain | Requested by
15 | yardim-exxen.ortusdesk.com (2 redirects) | yardim-exxen.ortusdesk.com; code.jquery.com
7 | fonts.gstatic.com | fonts.googleapis.com
6 | www.googletagmanager.com | yardim-exxen.ortusdesk.com; www.googletagmanager.com
3 | region1.google-analytics.com | www.googletagmanager.com
3 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
1 | exxen.ortusdesk.com | yardim-exxen.ortusdesk.com
1 | ortus-cdn.nyc3.digitaloceanspaces.com | ortus-cdn.nyc3.cdn.digitaloceanspaces.com
1 | ortus-cdn.nyc3.cdn.digitaloceanspaces.com | yardim-exxen.ortusdesk.com
1 | code.jquery.com | yardim-exxen.ortusdesk.com
1 | ajax.googleapis.com | yardim-exxen.ortusdesk.com
1 | cdn.jsdelivr.net | yardim-exxen.ortusdesk.com
1 | fonts.googleapis.com | yardim-exxen.ortusdesk.com
39 | 12

This site contains links to these domains.

Domain
www.facebook.com
twitter.com
exxen.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
*.nyc3.cdn.digitaloceanspaces.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-19 - 2024-05-04 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.nyc3.digitaloceanspaces.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-12 - 2024-05-29 | a year

This page contains 2 frames:

Primary Page: https://yardim-exxen.ortusdesk.com/
Frame ID: 732B5F7B9AAED65E92921210574C1EC1
Requests: 38 HTTP requests in this frame

Frame: https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 54C7E89285AF749756F9FED5650A83C8
Requests: 2 HTTP requests in this frame

Page Title

Exxen Yardım Merkezi

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

39 Requests
97 % HTTPS
92 % IPv6
8 Domains
12 Subdomains
12 IPs
2 Countries
1153 kB Transfer
2745 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://yardim-exxen.ortusdesk.com/ HTTP 301
    https://yardim-exxen.ortusdesk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
yardim-exxen.ortusdesk.com/
Redirect Chain
  • http://yardim-exxen.ortusdesk.com/
  • https://yardim-exxen.ortusdesk.com/
31 KB
6 KB
Document
General
Full URL
https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2f93c70dacf70b12624ae580f200c9ee50b081c81029706a85948f19c499a29c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
833bb3df18892bec-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 11 Dec 2023 06:34:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ni9CoRlcpkJgC1%2FcidQdYO1ipmgebr8eqmbwWRqYcSowmfJZi1%2BgEAsyyuvJzN9vibU8vz74I%2FH0MHmGVJMKGlvU1G8s9rVxNW51%2FHZ03oVkWqHUS5EVEqbFZt1wPrf4k64KuLCBEPwWeg%2B1Sg31d%2F%2B%2Bs%2FTAklz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

CF-RAY
833bb3de9c9ebb56-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 11 Dec 2023 06:34:34 GMT
Expires
Mon, 11 Dec 2023 07:34:34 GMT
Location
https://yardim-exxen.ortusdesk.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdCvtUk1nP8Nb71O6zkyYkGiPmy2nLw%2Fynh0DrmFRGeQcAQKeXgl4%2BIjBMkw%2BcT172J34p6ZIPtamw5Q3GlCTzJe9jUVDvGlovzzrRU4hvN%2BDcXzasBWq4UmhksBlTDjNRQapPOtF3QG05cpLTOzUlPR8b6s2%2BDo"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
HYq16zE4eVD-KBMWeGM--VNX0VY.js
yardim-exxen.ortusdesk.com/cdn-cgi/apps/head/
5 KB
2 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/head/HYq16zE4eVD-KBMWeGM--VNX0VY.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac1ea25d1750a7b5b541ba9b4b2d90c1dfc0f908e6d7e44072453274c5aec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
x-amz-version-id
7zbpT3VrMlmZfblKZ8fHcx1O4WjvwtNT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F6PQ249KJVK3HN21
age
943102
x-amz-id-2
fPZPw2glUsqZOc2lCcE6XQ2Qn9T2tddTe0h9YGZe3GrfD2GqyX3B9G78BjaelvLCA+m8/hwy+a0=
last-modified
Fri, 01 Jan 2021 22:00:21 GMT
server
cloudflare
etag
W/"7ed214a4a3d9c72383f3de7b7fb38b02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzDrZee7C%2BqmhAXLOcm1BTX%2BB1zo%2Bs9es5mH34kIcJha3l5ze3%2F4ymQB%2Frz943hsiZJC1tRihW5mNFP4JLxJ2DJSENFIDDhchYnh0JGnMnYfG2Ni20DTL7fT7%2F4ACTJ%2FU153P9JCo%2F7DXf22haaugNajGCD9NWKz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
833bb3dfe9472bec-FRA
screen.css
yardim-exxen.ortusdesk.com/assets/built/
29 KB
7 KB
Stylesheet
General
Full URL
https://yardim-exxen.ortusdesk.com/assets/built/screen.css?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
98b69f39f04296a126394cc1fc488ea52497042746b9b35870e92eb0f44cbb32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 09:40:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
943103
x-powered-by
Express
etag
W/"72b6-18345ac15a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FSgxQxFiUmoxW2yR8Qyp5P6MTJU3aPsXxDBts2ig70ZqoYNPPm1fmAecguH9ctwx1rMUcLvMXPBnN5vjOYpk450pxjhqgpwdLVQVjkcPJ%2B4ZmFA1yE0jJlgdpWHAnK9%2F2EijJK6tbMeECclinyRSfYWsTgNermz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
833bb3dfe9432bec-FRA
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0881e2156e87820ddb89cc0cb7c23d0fe30487856c47191e5f21b7d5ff2d5ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:41:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Dec 2023 06:34:34 GMT
sodo-search.min.js
cdn.jsdelivr.net/npm/@tryghost/sodo-search@~1.1/umd/
197 KB
66 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@tryghost/sodo-search@~1.1/umd/sodo-search.min.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30196
x-jsd-version
1.1.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"313b2-PGFkfSo33Bwphw9PaHfsB1kMn/Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B%2FbGOl3CPYQgphMIeof5iP4DMPxx2%2BZCpuLowLNDxOtP%2BQdEBDY9gfgm5T43AXprup5ewKBL76IFvXBYAV%2BNURn9B8%2F5T%2FXau1z8d4xRnqXm4lujP9onBZ2NV9e3krWVH%2BmRWe3A4InUyyGasw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
833bb3e0cacb6ae1-FRA
cards.min.js
yardim-exxen.ortusdesk.com/public/
7 KB
2 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/public/cards.min.js?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1034385
x-powered-by
Express
etag
W/"9e5964261251e02cc1d6dfb44e28481f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6ODJJnqRlDQftiaNH39vRyJHi8qf%2BNf92%2BzVslDr1w66euQJ1it%2FVfbmYAycoDBiwZm8Pu37Qv8dkW5egrantZpRyVHHse9tgEXbOzDEbM2JKXNpOMVsPGN1QRVJRXGQR76OXETY3lJapMlBr2BHBQCXNjn8Kd6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
833bb3e099f22bec-FRA
cards.min.css
yardim-exxen.ortusdesk.com/public/
25 KB
5 KB
Stylesheet
General
Full URL
https://yardim-exxen.ortusdesk.com/public/cards.min.css?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c999512e6410949c727b70e0afca6edc42b2d34936cd9afbb1b600fb3f5c54cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1126004
x-powered-by
Express
etag
W/"b9318467f6388557fe2bae29d33a119e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJQHYzLYqmsY2KsnLE%2BKuAofcocQ9q3VFAu5IRJ%2FPLNku8NXiha8PptxarhvLhDlgI2fIDBZ9OJJnrbZcsKKB8fYFAcQ67qE6aepgYl%2BBmGrWUL2ul%2FEycQWYwIsYiGI5dfdNdrlog2Pf4IF8OFwRaELq7KDaZbl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
833bb3dfe9452bec-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 16:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Dec 2024 16:17:19 GMT
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186204470-1
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9659206928b2666663fefab69ead02055679709b814153a711a54a4eeca15e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69002
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Dec 2023 06:34:35 GMT
WhatsApp-Image-2021-03-10-at-09.53.53.jpeg
yardim-exxen.ortusdesk.com/content/images/2022/04/
17 KB
17 KB
Image
General
Full URL
https://yardim-exxen.ortusdesk.com/content/images/2022/04/WhatsApp-Image-2021-03-10-at-09.53.53.jpeg
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4511bc0903ed1cd0a1e79a7677689a75cdae420bc3e04b3ada558550e93d9055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
943103
x-powered-by
Express
content-length
17278
cf-bgj
h2pri
last-modified
Wed, 31 Aug 2022 12:16:44 GMT
server
cloudflare
etag
W/"437e-182f3d513e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZK8nDw9etJNbZwWPb%2B2YFmLxoyXOL%2F5dLX%2FrXNrn8Iqskw9e7SxlJL6RSLhpqaNrvThRf%2B4XTIGZBYz52pOxdnZmdgluqf8BV03V1SbWCf4a314iiW2XPXkSHxvj5AqZjzuk5WpHOncWlUnUbr7yU7I0FY2NKBK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
833bb3dfe9482bec-FRA
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3006482
x-cache
HIT, HIT
content-length
30288
x-served-by
cache-lga13622-LGA, cache-fra-eddf8230095-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702276475.921728,VS0,VE0
etag
W/"28feccc0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 1389757
main.min.js
yardim-exxen.ortusdesk.com/assets/built/
86 KB
26 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/assets/built/main.min.js?v=f22d8b9259
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e68b1ff5a9d1bb881f3403c41e9f033b5b534f1366242d351beca07f0dc13f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 09:40:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
943102
x-powered-by
Express
etag
W/"1597a-18345ac15a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2F08g3c0W1Xbr0PlrxVVnk8ROf%2Bz%2F0AUflL3GJrlKpI7ELdBTFPJa3BGSsCYV7NraY58s7IQHap1Sc4DKVwvn4q2q0M8lfAwqEp3flhwZbhKRyedtse%2F4WzIwUNkEeYkY0Rmkh3f9AgdwTsdD6UJhO7jEjN7iCtG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
833bb3e0298a2bec-FRA
js
www.googletagmanager.com/gtag/
218 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EXC37LC4VS
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
888c6555b33f39504f91653f671e834fcb14f23d1b622877d285b721796686b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81307
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 06:34:35 GMT
ortus4c1.js
ortus-cdn.nyc3.cdn.digitaloceanspaces.com/app/centros4c/assets/
388 KB
75 KB
Script
General
Full URL
https://ortus-cdn.nyc3.cdn.digitaloceanspaces.com/app/centros4c/assets/ortus4c1.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9db444c52a2c29557ab12d6a35bf308b7ba4d0f1cc21a0c4a9cab24761205eff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000016184019-00656a23c3-41e2d025-nyc3a
age
213706
x-envoy-upstream-healthchecked-cluster
last-modified
Tue, 11 Oct 2022 18:24:54 GMT
server
cloudflare
etag
W/"c0040c84d07c0ad657e23b0bc7ebe283"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/javascript
x-do-cdn-uuid
f270c43c-6eb3-46df-b7bb-e42bcda4021d
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
833bb3e0dbe71e54-FRA
d8I8-yNNSslLKLDP9kkyaXmCAxI.js
yardim-exxen.ortusdesk.com/cdn-cgi/apps/body/
4 KB
2 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/body/d8I8-yNNSslLKLDP9kkyaXmCAxI.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/head/HYq16zE4eVD-KBMWeGM--VNX0VY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c3c23d319543fa4e8bb298779cf19cdeeef636fb820a5224420470a63f2dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
x-amz-version-id
PJtMR7UkBSYz8WVzihMAuMvl8.l0y6e7
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T495TVF2VM0SJ0WF
age
1034533
x-amz-id-2
Ir1Z9kobHgHNPSjIMZNPKGXaPlvR8JhNBMwRhErDcOv55k77wNkPxiUSWNu98YxYN9xUriOCbJQ=
last-modified
Fri, 01 Jan 2021 22:00:21 GMT
server
cloudflare
etag
W/"065efbe4008e8cc05d17526f83b1ac57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhK6%2FMPxVOhv5gYxyQ2UkJMNKsXSBJaBy6oUX0tzqQ5evCimbQhVbzzsB2QyAxH%2Fd6bOMhaYtlf1I0ksRf5e04fw9oS2tW5Ay30DqMSeln5axXgwGX%2FXF61JupWzJBarKAhNvLLaSWM5oeye%2B5fJ%2BEwEQ1Jd%2F8Ny"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
833bb3e099f32bec-FRA
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options
nosniff
age
211161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 19:55:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:59:57 GMT
x-content-type-options
nosniff
age
214478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:59:57 GMT
IVEEL.ttf
yardim-exxen.ortusdesk.com/assets/fonts/
5 KB
4 KB
Font
General
Full URL
https://yardim-exxen.ortusdesk.com/assets/fonts/IVEEL.ttf
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/assets/built/screen.css?v=f22d8b9259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
661faaf4c1a3f80585431a7f923c582239c0d893a98a297cb531c659612d60cc

Request headers

Referer
https://yardim-exxen.ortusdesk.com/assets/built/screen.css?v=f22d8b9259
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
943102
x-powered-by
Express
last-modified
Fri, 16 Sep 2022 09:40:49 GMT
server
cloudflare
etag
W/"149c-18345ac1584"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IniXPVgrTyZKbLgNn4GLgRlirOM6XA7Lorgw2LjRMRQ4MItkpf1DU%2BT%2BiIxTqBuMmloN8UKOHflbSlyW2d4Dqd3rC%2FAdoqEwTJd%2FXjyf4D4PSSARNzLPD5LNTJ%2FGVWVLQ%2FlxqFQ49lcLOtt4L3uVyGfhfaACYS7A"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
833bb3e0aa052bec-FRA
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
222914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 16:39:21 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 15:23:54 GMT
x-content-type-options
nosniff
age
141041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 15:23:54 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options
nosniff
age
300435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:07:20 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 15:23:55 GMT
x-content-type-options
nosniff
age
141040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 15:23:55 GMT
Untitled-1-copy-3.jpg
yardim-exxen.ortusdesk.com/content/images/2022/04/
250 KB
251 KB
Image
General
Full URL
https://yardim-exxen.ortusdesk.com/content/images/2022/04/Untitled-1-copy-3.jpg
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7045f0d3c1939d4d923723b687acb5c3ca0d9dafac43a478ffddc302814e4b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1126004
x-powered-by
Express
content-length
256305
cf-bgj
h2pri
last-modified
Wed, 31 Aug 2022 12:16:44 GMT
server
cloudflare
etag
W/"3e931-182f3d513e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEMYoWlAOLNF4aCjYE7ch7K2FqimsgOLez9edpdQB4%2BkQR1jnqvoqgplkd%2B9aXtIeDlglmPSX9pIz0R6jsGpBOJ8xomVYrKijD8fNE9Kd1Vit0rH%2BAL8kps6uF6W6vsvnASkHunaJhSsKQNia5SRAXFD02dDGbhN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
833bb3e0ba1b2bec-FRA
js
www.googletagmanager.com/gtag/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186355045-1
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/cdn-cgi/apps/body/d8I8-yNNSslLKLDP9kkyaXmCAxI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdfa48f8b1ec9eb97228aca880a5802d849c105eec7eb1c47cc86e3db48f17aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69004
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Dec 2023 06:34:35 GMT
ortus4c_implementation1.css
ortus-cdn.nyc3.digitaloceanspaces.com/app/centros4c/assets/
3 KB
3 KB
Stylesheet
General
Full URL
https://ortus-cdn.nyc3.digitaloceanspaces.com/app/centros4c/assets/ortus4c_implementation1.css
Requested by
Host: ortus-cdn.nyc3.cdn.digitaloceanspaces.com
URL: https://ortus-cdn.nyc3.cdn.digitaloceanspaces.com/app/centros4c/assets/ortus4c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
nyc3.digitaloceanspaces.com
Software
/
Resource Hash
bbc2376cc6da447ae1e2578f411ee993b6620aa5e9df3b96b52dfbceada10157
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:31:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 11 Oct 2022 18:28:39 GMT
x-amz-request-id
tx0000000000000180ced4e-006576accc-41e2d025-nyc3a
age
174
etag
"ffe66b48b0c06a924e487f025bb6fed9"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
2694
chatLogo
exxen.ortusdesk.com/centros/servlet/
33 KB
33 KB
Image
General
Full URL
https://exxen.ortusdesk.com/centros/servlet/chatLogo?channelKey=EXXEN_OFFLINE
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a2935792fd34293b12772609b5bf9f56be66337a4ed04b6c68f2b432b23b7b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-b3-traceid
16fb09fe91c15e52
content-length
33739
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7628%2FMEah23gqXtJnkN0nv5iBTr1nrgD9azYYHRuHBWokSs7PQmFzFDWb1UGSNshr%2BsRANgBZWbbUzc0AJFEwwPfjLKRAjI9l3gEmcAfDSsLwNvYkqoYeoPa9m4haWuWXvKd5803w8tVGCxqwaYxRo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
833bb3e1db0c2bec-FRA
expires
0
main.js
yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 54C7
Redirect Chain
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
7 KB
4 KB
Script
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/
Protocol
H2
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8218e7a73bd58aece681f0f55702ea5f70e70ead7757fc71bfc4240e055f50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92XnZhaUBf4l0V0IFvNEzFD2MGl6e3HBRUuww4TWVuWAlZCrYCZpB%2FGZ7KxOU3%2Fap5nTP2u0zxKsokTKOHFaL3oHypen3ZAO%2BQlneAp6jCd9%2F2e6XiUe1%2BoIhFXs5rAZwGzVFrBVl9sOHZUI5L82a40hDuLFtiV%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
833bb3e28bae2bec-FRA

Redirect headers

date
Mon, 11 Dec 2023 06:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gFDtODGJBQrisLc1JklKzQVnWGdHQ6%2Fok%2BTFH7SD3rymT7XRFaJ%2BuIPOhItkpZYtkbPi9j%2F2Tcn60praaw3PJyPTlZNX0kZY4cnzRKUDUw%2B47VyhcxsABWb2tJBRO1Rz39%2BVpH%2FXRJzyV6wsMz7liYHLF6VZjqP"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
833bb3e18ab52bec-FRA
/
yardim-exxen.ortusdesk.com/ghost/api/v3/content/posts/
68 KB
14 KB
XHR
General
Full URL
https://yardim-exxen.ortusdesk.com/ghost/api/v3/content/posts/?key=ab5e00022f576526eb315cc5e5&limit=all&fields=id,title,excerpt,url,updated_at,visibility&order=updated_at%20desc&formats=plaintext
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2909d99e29962405a5dda1bfb17c564b2b6a72f1ae8ae2fd2103d7394dff60ec

Request headers

Accept
*/*
Referer
https://yardim-exxen.ortusdesk.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
content-version
v5.12
server
cloudflare
etag
W/"110b2-vWO8nytHFcDy6bvFJM7QdC53Bu8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0blzZ0oOD5NzAVCMHHvcTMURytz1ICOtD5qLtozUGWh44ssolCAl09AqnQ1a0IuNCgNl5eWqka0QvYEWx2fOJmJvfJURDVFupHgkBSTvuCHl%2BB1dDzrrkqOMP5ZzZC6LXcQi%2BSQ2ZH1Fa8itVRmr%2FH9I6xmgaSI"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
deprecation
version="v3"
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray
833bb3e18ab92bec-FRA
link
<https://yardim-exxen.ortusdesk.com/ghost/api/content/posts/?key=ab5e00022f576526eb315cc5e5&limit=all&fields=id,title,excerpt,url,updated_at,visibility&order=updated_at%20desc&formats=plaintext>; rel="latest-version"
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yardim-exxen.ortusdesk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:39:17 GMT
x-content-type-options
nosniff
age
208518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:39:17 GMT
js
www.googletagmanager.com/gtag/
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFJWK73FR7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186355045-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52e8ad8ce427e1df03cde72c172c46d27530c6dbcee0a3022f017c5eedba80b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81235
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 06:34:35 GMT
js
www.googletagmanager.com/gtag/
218 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EXC37LC4VS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186355045-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
285d4aa92f112f4599b4ea94629494b77c0e8e59b1492c198868a41f5240f303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 06:34:35 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186355045-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 05:48:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2776
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 11 Dec 2023 07:48:19 GMT
js
www.googletagmanager.com/gtag/
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-23LK3ZBWSC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186204470-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b66c0219b39495ab51189d42214b643811b9ddd1988d22e578325f9071077d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Dec 2023 06:34:35 GMT
collect
region1.google-analytics.com/g/
0
262 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EXC37LC4VS&gtm=45je3bt0&_p=1702276474963&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1326567451.1702276475&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702276475&sct=1&seg=0&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&dt=Exxen%20Yard%C4%B1m%20Merkezi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=547
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EXC37LC4VS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 06:34:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-23LK3ZBWSC&gtm=45je3bt0v9114780992&_p=1702276474963&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1326567451.1702276475&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702276475&sct=1&seg=0&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&dt=Exxen%20Yard%C4%B1m%20Merkezi&en=page_view&_fv=1&_ss=1&tfd=707
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23LK3ZBWSC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 06:34:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NFJWK73FR7&gtm=45je3bt0v9114570078&_p=1702276474963&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1326567451.1702276475&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702276475&sct=1&seg=0&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&dt=Exxen%20Yard%C4%B1m%20Merkezi&en=page_view&_fv=1&_ss=1&tfd=726
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFJWK73FR7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yardim-exxen.ortusdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 06:34:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=62115306&t=pageview&_s=1&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&ul=en-us&de=UTF-8&dt=Exxen%20Yard%C4%B1m%20Merkezi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=270267138&gjid=744316288&cid=1326567451.1702276475&tid=UA-186355045-1&_gid=494143484.1702276475&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=281071041
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 06:34:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=62115306&t=pageview&_s=1&dl=https%3A%2F%2Fyardim-exxen.ortusdesk.com%2F&ul=en-us&de=UTF-8&dt=Exxen%20Yard%C4%B1m%20Merkezi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1303416142&gjid=1069022650&cid=1326567451.1702276475&tid=UA-186204470-1&_gid=494143484.1702276475&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=232460513
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://yardim-exxen.ortusdesk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Dec 2023 06:34:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://yardim-exxen.ortusdesk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
833bb3df18892bec
yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 54C7
0
495 B
XHR
General
Full URL
https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/h/b/jsd/r/833bb3df18892bec
Requested by
Host: yardim-exxen.ortusdesk.com
URL: https://yardim-exxen.ortusdesk.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Dec 2023 06:34:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
833bb3e38ca72bec-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiMCxb9dk1FhZv9GowN5A%2FzY8GdzIEZRGKz5IrVZngl5%2BTMsf4%2FejHWTqktfxngnr8uiHV7Jr6IIn8LNjD5iEmgw63MKDuxmKeD9BrCIjssNDOPuyGdazuAREwDpmzVY9Lkv7NCVOB4izem%2BjPMrAwEx0NC%2BCMJ6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| CloudflareApps string| siteUrl function| $ function| jQuery string| gh_search_key string| gh_search_migration function| gtag object| link object| dataLayer object| body function| search function| featured function| video function| gallery function| table function| mobileMenu function| lunr function| elasticlunr function| jarallax object| lazySizesConfig object| lazySizes string| GoogleAnalyticsObject function| ga object| CryptoJS boolean| formOpened function| addStyle function| addScript function| openForm boolean| loadedIframe function| loadIframe function| closeForm function| minimizeMaximize function| ortusCobInit function| create4cPopup function| create4cLink function| create4cPopupCob object| Centros undefined| OrtusCobConfig_ignoreForms undefined| OrtusCobConfig_autoStart function| io object| centrosInstance function| qt function| Kt function| zt function| Yt function| Ft function| Nt string| encodedSource object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| gaplugins object| gaData

8 Cookies

Domain/Path Name / Value
.ortusdesk.com/ Name: _ga_EXC37LC4VS
Value: GS1.1.1702276475.1.0.1702276475.0.0.0
.ortusdesk.com/ Name: _ga_23LK3ZBWSC
Value: GS1.1.1702276475.1.0.1702276475.0.0.0
.ortusdesk.com/ Name: _ga_NFJWK73FR7
Value: GS1.1.1702276475.1.0.1702276475.0.0.0
.ortusdesk.com/ Name: _ga
Value: GA1.2.1326567451.1702276475
.ortusdesk.com/ Name: _gid
Value: GA1.2.494143484.1702276475
.ortusdesk.com/ Name: _gat_gtag_UA_186355045_1
Value: 1
.ortusdesk.com/ Name: _gat_gtag_UA_186204470_1
Value: 1
.ortusdesk.com/ Name: cf_clearance
Value: HSF8NJ_JyiZp0QkWyVgLALeolEUOXJ3EpRygga6UKhU-1702276475-0-1-963cc8d1.32188f09.c13d9731-0.2.1702276475

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
