URL: https://do-it-anyway.org/gazinvest6/
Submission: On July 10 via api from NL — Scanned from IT

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is do-it-anyway.org.
TLS certificate: Issued by WE1 on July 3rd 2024. Valid for: 3 months.
This is the only time do-it-anyway.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
18 | 188.114.97.3 | 13335 (CLOUDFLAR...)
1 | 142.250.185.170 | 15169 (GOOGLE)
3 | 142.250.185.163 | 15169 (GOOGLE)
Total: 22 | 3

Requests | Apex Domain | Subdomains | Transfer
18 | do-it-anyway.org | do-it-anyway.org | 785 KB
3 | gstatic.com | fonts.gstatic.com | 94 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 108) | 1 KB
Total: 22 | 3

Requests | Domain | Requested by
18 | do-it-anyway.org | do-it-anyway.org
3 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | do-it-anyway.org
Total: 22 | 3

This site contains no links.

Subject | Issuer | Validity | Valid
do-it-anyway.org | WE1 | 2024-07-03 - 2024-10-01 | 3 months
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 1 frame:

Primary Page: https://do-it-anyway.org/gazinvest6/
Frame ID: AA54F7E0F275C00A545A81D1876C49E5
Requests: 22 HTTP requests in this frame

Page Title

Independent investigation: how do Russians get paid for watching a single video? News. Channel One

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 880 kB
Size: 1520 kB
Cookies: 0

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
do-it-anyway.org/gazinvest6/
58 KB
9 KB
Document
General
Full URL
https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f52f9898758465c0cbfeb667791e5d24a5f8f6f2f496ecba779176e03039e4c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a0f410baca80e03-MXP
content-encoding
br
content-type
text/html
date
Wed, 10 Jul 2024 08:41:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEctpdX4g%2BES3b3iwXpKxUygiuPCuUJzOqoPcORRuisIFF0%2FSgl1s2vgBG%2FUf2KolFNmOJpfmcMh2xg4Gs4vBG%2F3brnUEcxAh%2FQwRV9zhF8g%2FYmEPKqpgpCPQ%2FcpFzSWoDMd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/
18 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=PT+Sans&family=PT+Sans+Caption:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
35ead3cc46601921e4a6114f0b98a2fc5025c3ea859b7fbfd232f889789273f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://do-it-anyway.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 Jul 2024 08:41:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 Jul 2024 08:41:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jul 2024 08:41:20 GMT
style.css
do-it-anyway.org/gazinvest6/css/
673 KB
95 KB
Stylesheet
General
Full URL
https://do-it-anyway.org/gazinvest6/css/style.css
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b46f08b9db3e5999d85f025ae90e1799e31a66d0d990942159bbd5898036b6

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668511f2-a82a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9zQmg%2BX%2FDfjrujTbup2BOWB32pZDCj7nxJcCXxggLRmJMZKsCK%2FKCwCSZ3b%2BjyIq%2Fq%2BPzjIE8VKNlvRjk0GMeuH0UDhK6%2BeW%2F6th4zqvnW%2FWHOIsClocFl2eoe9G7X5iNBi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
8a0f410d78590e03-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 11 Jul 2024 08:41:20 GMT
abrik.png
do-it-anyway.org/gazinvest6/images/
268 KB
269 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/abrik.png
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5011f45da911703905476a35e0606164a3b7839d3db1844e4575ae17d2fa496

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-43014"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SH6q36gOgHfddJEuSZJxlDIG8iDUoqRvSWA9jBO94pGt5KGlNVYpJR4SNRaVNS3HpkgIWbZJDvlZyOKwkXjSWzB56ccUM67stpRFeO%2Fy5unuAUw%2FjJEYOdVFRkCxoiongRgo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f410d98a10e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
274452
expires
Thu, 11 Jul 2024 08:41:20 GMT
MRICoXm.jpg
do-it-anyway.org/gazinvest6/images/
26 KB
26 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/MRICoXm.jpg
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229b32a69ecf98eaa0fb0f32133f7846c563a84c1730fa51fd2c9f31d730156f

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-689c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ea%2FLdvHWzuq3jQDgv0fS36xzjSGixud%2FByJUt3WVRn%2FTAvWV8XRMU5EM8uJrfsDBi5jb%2Be90NHGinxQ5jJPi07UjZhzm8%2Brwk8PGqQIt9NsfDH8R0n1HLgKfDLDS3g9He%2FQo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f410d98a90e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
26780
expires
Thu, 11 Jul 2024 08:41:20 GMT
imag.png
do-it-anyway.org/gazinvest6/images/
356 KB
357 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/imag.png
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e29cde944bce2d0367809d2f605825a2046e2921c305d501aed1a932c68c0c

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:21 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-58fd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBz34xC86LN%2FgDv8bJzExyXr2mhwBKTDquuTLQQAr9WmwnGVz8ToA189A24NdzEVPWfjVqIgLODGc3OxY%2BLDzsPB1R%2B8ktC%2BNU6YmynavuA1HoUX2ULm9bGUCeHCIB0rk5JX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f41102ee20e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
364497
expires
Thu, 11 Jul 2024 08:41:20 GMT
ok.svg
do-it-anyway.org/gazinvest6/images/
941 B
841 B
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/ok.svg
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401d957d4dba8478f3d98b82588d7a9ae1a96c00c95d90ae2bc4176507c0ae95

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668511f2-3ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsuAs8L28%2FUSFTYvHUdRabXY2Uca%2BfkiNDuCIcDi0AJ3soZBlGI58eTCDXv9b6yvPfL4RRU6GTPrvHfqA2uyWFs6wVobbsWIAKRSWlojg8d69qOfaieTnGAJFwsFSBgmGAcy"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
8a0f4110afe20e03-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 11 Jul 2024 08:41:20 GMT
c1.webp
do-it-anyway.org/gazinvest6/images/
1 KB
1 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c1.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ef1e4e20cfe6cf54518dfa22a121d9d7104f11e1c81afee6334c419c20501d

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-4b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIzPi4HuesXaMPFLSgcVZ%2FF85GeI6LrBfmA%2Bha4TCFxCYuO8KgAjSWNJW9U6AepCIZ7btfYpPneCy%2BlhDKEKIfW21d1NiOAlzmBMLCSqdjRLO5kdb4Bo9AYi3ZASzk3DubME"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110afe50e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
1206
expires
Thu, 11 Jul 2024 08:41:20 GMT
like-thumb-up-black-hand-getsure-symbol_icon-icons.com_64347.svg
do-it-anyway.org/gazinvest6/images/
1 KB
946 B
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/like-thumb-up-black-hand-getsure-symbol_icon-icons.com_64347.svg
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1545ab205aa6fee807f1f2a9eeabfa3f6433341c4bb9f3d6cf941e86243cbf1d

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668511f2-5cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugLOU11aSRRiidQnQienMnvZaIMSYfPfT1yVBlzwPySKjvEY%2FsNc4yWWFyeSJ6rtFLZBf5ShYkMyIWwQ01glfjzChv7XFbtfrgxxPiC488fCxqDN09HmTf%2FC0PJToFR48YP9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
8a0f4110afec0e03-MXP
alt-svc
h3=":443"; ma=86400
expires
Thu, 11 Jul 2024 08:41:20 GMT
c2.webp
do-it-anyway.org/gazinvest6/images/
1 KB
2 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c2.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224639b618b7efae1d4884e77f68cfc933abee9fa4e843e15a25e5043cc2e902

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-5c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EL9T%2BbPJgyCxVixADVJgphv5N7fDM%2FxT0i3WNBXVFwC0R34WwyN1cuchv3Bd2DqlWkF17gr8V95YN38uhNiLsYVyQDO9IAlsOjUHNLdb0bk1NaKzPAP6tqrfeI%2FTffH7RexN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110afee0e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
1472
expires
Thu, 11 Jul 2024 08:41:20 GMT
c3.webp
do-it-anyway.org/gazinvest6/images/
2 KB
3 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c3.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba67a5bf6304ea335f0fc237050db743c1a0d043c7c6dc8656c3ad81ec55a509

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXt8WSzHDU6L401hn9sFttlMZW8YgfKXb%2B8knNAq%2FD0GHIZ0KvkdS4kq7a0uwVmH1bJ6ASH3rEe2sLbdZ9Blvl6fxSaLmbkhgYVAyBPI79G0SfOwXpGLnFb8Pn4KX9AYznaN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110aff00e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
2368
expires
Thu, 11 Jul 2024 08:41:20 GMT
c4.webp
do-it-anyway.org/gazinvest6/images/
3 KB
3 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c4.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92251c0513d96cc35eb60407bf145e6f72cfd89c346f832e091b932985e049c

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-bc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWBCMWdXCC0l8afuAoNnBC6XF8loEwpfZjrSCLNTNZZ%2BfuI%2FvtqQfu5sm4vNjSi78Nv1p7xHWSbeKesVIJOIHVY2IB13JMVcOeLEJ%2Be2kX7AfsmTSPoml80iu%2BYHA4GkApYM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110aff10e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
3014
expires
Thu, 11 Jul 2024 08:41:20 GMT
c5.webp
do-it-anyway.org/gazinvest6/images/
2 KB
2 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c5.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e401df908f45fa5a207bec6f63310cc1eb9538eea64688501ff24d177f8a6e

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:21 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-7e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M26AzX60MZ8i2x%2BXsJiSNo8hR4s1fJ6MeUqBRxI%2FakmXgXBboaGAAFNm2Vls%2BhbvPmC%2Ftshzy4070euWbeWJZUFoB3825HXu80mSI2YoG88nlC1olaOVUT7xol5qBJqvMJPz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110d8380e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
2024
expires
Thu, 11 Jul 2024 08:41:20 GMT
c6.webp
do-it-anyway.org/gazinvest6/images/
3 KB
3 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c6.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720a1814ccda2cbdc1d2eba5dd7a56024506f45d09c8eabe9c2a64dda90c5592

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-ae0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LoS2rTawAmbPPhqpwckrDYDatFXEr3d4AleDPHlMILv7o%2B8%2Ba0cfEHZYsNUvSW%2BNrcV78OnN6GsPUjN%2Bgq83p1%2BZ0uDjrKvH%2BWYAAEMrdJRJi4g5l5AfGw4t1pAGfZyvmH4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110d83d0e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
2784
expires
Thu, 11 Jul 2024 08:41:20 GMT
c7.webp
do-it-anyway.org/gazinvest6/images/
3 KB
4 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c7.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4bfcbf8795766317037a2bd07d012c6ff37a99773e2dc163a65e34bc54082b

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-d42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkhR4FWG35BWxf8t3HoSuIzjnB8xP3hmqrdcHlesyUtuQWa73yQRf6A2xK5iH%2F0lCDoBYEnx809dBkoFabnE5dEgeufsOzzff%2BTjBXRh%2FS7bImKH1TCg%2FBL4UEs4m79SuXDa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110d8410e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
3394
expires
Thu, 11 Jul 2024 08:41:20 GMT
c8.webp
do-it-anyway.org/gazinvest6/images/
2 KB
3 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c8.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2af9a1973c4d9d4e7cdf12684f3de858bab81c5c41c68445382d9c2d26a945

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-95e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv2BHrwi1W3kFSGSppAKglgATlslMViCMninrumnrnc5R08PHBRRJe0HwDxbazpafkp%2FDUJLmkSgcyTWJCduovX8ZlUpIH4hHSPowyYKJTgb8xXtdshFCNEeKfba4ofTB%2Bzd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110d8430e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
2398
expires
Thu, 11 Jul 2024 08:41:20 GMT
c9.webp
do-it-anyway.org/gazinvest6/images/
2 KB
2 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c9.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de4d4e95a16b4b04b66e0b487311999ea72d944dee53e72c0f61b0b95933b06

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-8aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2muVmalnqOONF5zC%2FFyYRRYe2O8%2BmgrLdehlt8B4qnQx2SZOKHK94JGdx%2FfUATx65caSN7H7nTG%2Bq5%2BTa0zV5m%2BDdG82aNKEmodrTIPHKD0Q3bHKHdZPB6aIsrWVTuM71J7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110e8570e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
2218
expires
Thu, 11 Jul 2024 08:41:20 GMT
c10.webp
do-it-anyway.org/gazinvest6/images/
2 KB
2 KB
Image
General
Full URL
https://do-it-anyway.org/gazinvest6/images/c10.webp
Requested by
Host: do-it-anyway.org
URL: https://do-it-anyway.org/gazinvest6/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da26ab4cf22d5d0ad416db7b8fce909cf16e34d63578a10a1d3d0547993dc401

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:20 GMT
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"668511f2-7e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uS7hRhtRtygEa4QkZx0gVPs7ehr2tXKqZtViYCWkUx9i2TcIEqp4TQFiJfn2SgUfOqFNIsFJeoMHGzYeAtKi0AlR6X2iiXn05OLOBxdy0SUf3xsqMSfBVdeg9kcUVd08Ztp1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8a0f4110e85a0e03-MXP
alt-svc
h3=":443"; ma=86400
content-length
2016
expires
Thu, 11 Jul 2024 08:41:20 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=PT+Sans&family=PT+Sans+Caption:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://do-it-anyway.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:46:20 GMT
x-content-type-options
nosniff
age
82501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:43:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:46:20 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=PT+Sans&family=PT+Sans+Caption:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://do-it-anyway.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:36:48 GMT
x-content-type-options
nosniff
age
83073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28444
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:36:48 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
45 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=PT+Sans&family=PT+Sans+Caption:wght@400;700&family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://do-it-anyway.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:44:45 GMT
x-content-type-options
nosniff
age
82596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:44:45 GMT
favicon.ico
do-it-anyway.org/gazinvest6/images/
4 KB
1 KB
Other
General
Full URL
https://do-it-anyway.org/gazinvest6/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6a5cd9c24c278a8190d0be1724fafdc3a37d0a3fac6ef1dc98178ba8d8d029

Request headers

Referer
https://do-it-anyway.org/gazinvest6/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 08:41:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 08:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"103e-61c53fd175e78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jQoKKWH8u1JXVP4vKP0McTqezFga8QEIk0xgrw3PoVQqtiHse4XsavoAFQrRCQEVj8L%2BYBvr8Q5VsmsC5vvt1JvOeBxySPNbZtwSb3JAutEfyEOfazfULQwRVgKt97miFhT"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8a0f41154fca0e03-MXP
alt-svc
h3=":443"; ma=86400

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | url
string | redirectUrl
object | d
object | p
number | day
number | newDay
object | monthA
function | getCurrentDateTime

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
