urlscan.io logo urlscan.io
SecurityTrails logo

www.tavsanhavlu.com Open in urlscan Pro
77.245.159.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tavsanhavlu.com/
Effective URL: https://www.tavsanhavlu.com/
Submission: On July 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 77.245.159.69, located in Turkey and belongs to NIOBEBILISIMHIZMETLERI, TR. The main domain is www.tavsanhavlu.com.
TLS certificate: Issued by R11 on June 28th 2024. Valid for: 3 months.
This is the only time www.tavsanhavlu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 77.245.159.69 42868 (NIOBEBILI...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 4
Apex Domain
Subdomains		 Transfer
18 tavsanhavlu.com
tavsanhavlu.com
www.tavsanhavlu.com
708 KB
2 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
983 B
20 3
Domain Requested by
17 www.tavsanhavlu.com www.tavsanhavlu.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.tavsanhavlu.com
1 tavsanhavlu.com 1 redirects
20 4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
arstantech.com
Subject Issuer Validity Valid
tavsanhavlu.com
R11		 2024-06-28 -
2024-09-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.tavsanhavlu.com/
Frame ID: F101E0F88E02B38F30D345BA31717F24
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anasayfa - Tavşan Havlu Collection

Page URL History Show full URLs

  1. https://tavsanhavlu.com/ HTTP 301
    https://www.tavsanhavlu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

744 kB
Transfer

1743 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tavsanhavlu.com/ HTTP 301
    https://www.tavsanhavlu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.tavsanhavlu.com/
Redirect Chain
  • https://tavsanhavlu.com/
  • https://www.tavsanhavlu.com/
114 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
eb2e9f13e4a3b9c5a29402c8273346dfe9c9aa1c94863894893a5745247d6191

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 14:01:25 GMT
etag
"2328-1720188085;br"
link
<https://www.tavsanhavlu.com/wp-json/>; rel="https://api.w.org/" <https://www.tavsanhavlu.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://www.tavsanhavlu.com/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
164_HTTP.200,164_front,164_URL.6666cd76f96956469e7be39d750cc7d9,164_F,164_Po.2,164_PGS,164_,164_MIN.8a702aacd0d80c11e5679ba976a7b9c7.css,164_MIN.949dbe460a23ecec1d9a7ac847434334.js

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 14:01:24 GMT
location
https://www.tavsanhavlu.com/
server
LiteSpeed
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-redirect-by
WordPress
webfontloader.min.js
www.tavsanhavlu.com/wp-content/plugins/litespeed-cache/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sun, 23 Jun 2024 10:17:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
4649
expires
Sat, 05 Jul 2025 20:01:26 GMT
8a702aacd0d80c11e5679ba976a7b9c7.css
www.tavsanhavlu.com/wp-content/litespeed/css/ 		536 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/litespeed/css/8a702aacd0d80c11e5679ba976a7b9c7.css?ver=b9f03
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
2df9418a28fab2624a4c83e5818ee4979166d4a3799b931bdd4167252e22358a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Fri, 05 Jul 2024 13:38:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
79409
expires
Sat, 05 Jul 2025 20:01:26 GMT
truncated
/ 		167 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8008d833f2106bf334b5eaf680d025972b1022ff7e1154a15817251f21d1edbc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
949dbe460a23ecec1d9a7ac847434334.js
www.tavsanhavlu.com/wp-content/litespeed/js/ 		373 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
282a0f653747a7e923a7ed8756d3fddf4e0be92a931830db0852a5a54acc3bac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Fri, 05 Jul 2024 13:38:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
118806
expires
Sat, 05 Jul 2025 20:01:26 GMT
truncated
/ 		280 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f10e68296dc8301a254700ed5e8c1f0959b4e68df530c39c60b57318420f885

Request headers

Referer
Origin
https://www.tavsanhavlu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
paw-pattern-2.svg
www.tavsanhavlu.com/wp-content/uploads/2021/12/ 		269 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tavsanhavlu.com/wp-content/uploads/2021/12/paw-pattern-2.svg
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/css/8a702aacd0d80c11e5679ba976a7b9c7.css?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
be0bb5fc86c81bec0a21bf4e1c478e0b69faf1f2bea8207a26b12d15dac71641

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/wp-content/litespeed/css/8a702aacd0d80c11e5679ba976a7b9c7.css?ver=b9f03
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:39:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
102009
expires
Sat, 05 Jul 2025 20:01:26 GMT
css
fonts.googleapis.com/ 		2 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Serif:wght@700&display=swap
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
edcb16fa396f7e60ad5d1796cf74ec7ba81cb86ab93878f23c09eec468dac6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 14:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 14:01:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 14:01:27 GMT
623.eaed831514ef6ee02b84.js
www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/623.eaed831514ef6ee02b84.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
ecae9dad454f9445456c77237b21a213ff43e0dfa5f79ca62aadc940a6bea212

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
1185
expires
Sat, 05 Jul 2025 20:01:26 GMT
921.ea5565c86a4be1f7d88d.js
www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/921.ea5565c86a4be1f7d88d.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
1799
expires
Sat, 05 Jul 2025 20:01:26 GMT
sticky.js
www.tavsanhavlu.com/wp-content/plugins/blocksy-companion/static/bundle/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/plugins/blocksy-companion/static/bundle/sticky.js?ver=2.0.56
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
45d42739e04ed669634bfa9f3f800deef54a230d19f2662e740c7fb96a882caf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:27:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
3282
expires
Sat, 05 Jul 2025 20:01:26 GMT
woo.woff2
www.tavsanhavlu.com/wp-content/themes/blocksy/static/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/fonts/woo.woff2
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/css/8a702aacd0d80c11e5679ba976a7b9c7.css?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
f506805b1333c88c9a95f08c01db26ed09933fef7b442ac7f3bfd5fb10518e68

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/wp-content/litespeed/css/8a702aacd0d80c11e5679ba976a7b9c7.css?ver=b9f03
Origin
https://www.tavsanhavlu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
2760
expires
Sat, 05 Jul 2025 20:01:26 GMT
/
www.tavsanhavlu.com/ 		707 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
251769cef0f0e0335e7374420fce0d3e9947b894825b8cb75406f3d7272ae1f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://www.tavsanhavlu.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
LiteSpeed
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.tavsanhavlu.com
x-litespeed-cache-control
no-cache
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-litespeed-tag
164_HTTP.200,164_HTTP.200
x-robots-tag
noindex
content-length
281
expires
Wed, 11 Jan 1984 05:00:00 GMT
jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2
fonts.gstatic.com/s/ibmplexserif/v19/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexserif/v19/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Serif:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
256774147c18fde1089393e4008316d583dd0fe5f5aacc9438b23640ce1c552a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.tavsanhavlu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 07:55:26 GMT
x-content-type-options
nosniff
age
108361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19616
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:37:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 07:55:26 GMT
jizDREVNn1dOx-zrZ2X3pZvkTiUR2zcLig.woff2
fonts.gstatic.com/s/ibmplexserif/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexserif/v19/jizDREVNn1dOx-zrZ2X3pZvkTiUR2zcLig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Serif:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2f749514006a1b58f2adff32f7bc6366fc8a4b1ee0a8534163f84c65ec57174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.tavsanhavlu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:46:42 GMT
x-content-type-options
nosniff
age
256485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15492
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:50:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:46:42 GMT
logo.jpg
www.tavsanhavlu.com/wp-content/uploads/2024/06/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tavsanhavlu.com/wp-content/uploads/2024/06/logo.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
fde7670b901d8d70637543f55b8d9dd5acfb4fdd8d2e723b7d43110abec54804

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
last-modified
Sat, 29 Jun 2024 14:55:31 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
28097
expires
Sat, 05 Jul 2025 20:01:26 GMT
cropped-icon-1-32x32.png
www.tavsanhavlu.com/wp-content/uploads/2024/06/ 		1019 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/uploads/2024/06/cropped-icon-1-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
0907c2e2b2afe1ee9caa8efcad6c9a2beeb62790fd331057c8f08f88ec297c30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
last-modified
Sat, 29 Jun 2024 23:21:17 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
1019
expires
Sat, 05 Jul 2025 20:01:26 GMT
844.2cb54706990e89c6a4de.js
www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/ 		424 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/844.2cb54706990e89c6a4de.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
50978e3d42dad25f9fdf65f9ba4e6813bb694d5f0e1029711dd11e22043eae0d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
183
expires
Sat, 05 Jul 2025 20:01:26 GMT
530.95ed248d03ed8624dedf.js
www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/ 		228 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/530.95ed248d03ed8624dedf.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
58e7c4a726c19b17da6c5e4cb0a392260fcb3bb6c3e23c02aa38723fa235146a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
153
expires
Sat, 05 Jul 2025 20:01:26 GMT
188.52bb43f2fc39f31bef94.js
www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/ 		360 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/188.52bb43f2fc39f31bef94.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
e315b11a42d9466c3dbae547ac9c5a64643f3563faa2006e69063809b7c2290e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
231
expires
Sat, 05 Jul 2025 20:01:26 GMT
629.2e6323bd5900e24443ca.js
www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/ 		360 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tavsanhavlu.com/wp-content/themes/blocksy/static/bundle/629.2e6323bd5900e24443ca.js
Requested by
Host: www.tavsanhavlu.com
URL: https://www.tavsanhavlu.com/wp-content/litespeed/js/949dbe460a23ecec1d9a7ac847434334.js?ver=b9f03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
75905a9f7a1bdd0b0b66cd41b9e65db8e92b838255ed56fd184dc5a572304e81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:26 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 14:15:23 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
215
expires
Sat, 05 Jul 2025 20:01:26 GMT
BEST20TOWELS209.jpg
www.tavsanhavlu.com/wp-content/uploads/2024/06/ 		348 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tavsanhavlu.com/wp-content/uploads/2024/06/BEST20TOWELS209.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.245.159.69 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR),
Reverse DNS
77-245-159-69.ptr.wlsrv.com
Software
LiteSpeed /
Resource Hash
cb7da058ca6f7f7577884c1abc56aeaa0795381856966afa7f06b3d59739d783

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.tavsanhavlu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:01:27 GMT
last-modified
Sat, 29 Jun 2024 14:55:10 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
356258
expires
Sat, 05 Jul 2025 20:01:27 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| LazyLoad object| WebFontConfig object| WebFont object| wc_add_to_cart_params object| woocommerce_params object| wc_cart_fragments_params object| wc_order_attribution object| _wpUtilSettings object| wpApiSettings object| runtime object| woo_variation_swatches_options object| ct_localizations object| Mailcheck object| punycode object| wpforms object| WPForms object| wpforms_settings undefined| $ function| jQuery object| Cookies object| sbjs function| _ object| wp object| regeneratorRuntime function| sprintf function| vsprintf function| createMiddlewareForExtraQueryParams object| blocksyJsonP object| ctEvents object| ctFrontend object| classes

7 Cookies

Domain/Path Name / Value
.tavsanhavlu.com/ Name: sbjs_migrations
Value: 1418474375998%3D1
.tavsanhavlu.com/ Name: sbjs_current_add
Value: fd%3D2024-07-05%2014%3A01%3A27%7C%7C%7Cep%3Dhttps%3A%2F%2Fwww.tavsanhavlu.com%2F%7C%7C%7Crf%3D%28none%29
.tavsanhavlu.com/ Name: sbjs_first_add
Value: fd%3D2024-07-05%2014%3A01%3A27%7C%7C%7Cep%3Dhttps%3A%2F%2Fwww.tavsanhavlu.com%2F%7C%7C%7Crf%3D%28none%29
.tavsanhavlu.com/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.tavsanhavlu.com/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29%7C%7C%7Cplt%3D%28none%29%7C%7C%7Cfmt%3D%28none%29%7C%7C%7Ctct%3D%28none%29
.tavsanhavlu.com/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36
.tavsanhavlu.com/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fwww.tavsanhavlu.com%2F

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
tavsanhavlu.com
www.tavsanhavlu.com
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
77.245.159.69
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0907c2e2b2afe1ee9caa8efcad6c9a2beeb62790fd331057c8f08f88ec297c30
0f10e68296dc8301a254700ed5e8c1f0959b4e68df530c39c60b57318420f885
251769cef0f0e0335e7374420fce0d3e9947b894825b8cb75406f3d7272ae1f7
256774147c18fde1089393e4008316d583dd0fe5f5aacc9438b23640ce1c552a
282a0f653747a7e923a7ed8756d3fddf4e0be92a931830db0852a5a54acc3bac
2df9418a28fab2624a4c83e5818ee4979166d4a3799b931bdd4167252e22358a
45d42739e04ed669634bfa9f3f800deef54a230d19f2662e740c7fb96a882caf
50978e3d42dad25f9fdf65f9ba4e6813bb694d5f0e1029711dd11e22043eae0d
58e7c4a726c19b17da6c5e4cb0a392260fcb3bb6c3e23c02aa38723fa235146a
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
75905a9f7a1bdd0b0b66cd41b9e65db8e92b838255ed56fd184dc5a572304e81
8008d833f2106bf334b5eaf680d025972b1022ff7e1154a15817251f21d1edbc
be0bb5fc86c81bec0a21bf4e1c478e0b69faf1f2bea8207a26b12d15dac71641
cb7da058ca6f7f7577884c1abc56aeaa0795381856966afa7f06b3d59739d783
d4bf98188e2531d6d5d412e054d77071677be60c823ab6489c5093874c2c74c2
e315b11a42d9466c3dbae547ac9c5a64643f3563faa2006e69063809b7c2290e
eb2e9f13e4a3b9c5a29402c8273346dfe9c9aa1c94863894893a5745247d6191
ecae9dad454f9445456c77237b21a213ff43e0dfa5f79ca62aadc940a6bea212
edcb16fa396f7e60ad5d1796cf74ec7ba81cb86ab93878f23c09eec468dac6ec
f2f749514006a1b58f2adff32f7bc6366fc8a4b1ee0a8534163f84c65ec57174
f506805b1333c88c9a95f08c01db26ed09933fef7b442ac7f3bfd5fb10518e68
fde7670b901d8d70637543f55b8d9dd5acfb4fdd8d2e723b7d43110abec54804