gazivakfi.org
2606:4700:3035::ac43:ce20  Malicious Activity! Public Scan

Submitted URL: https://360-insurance.com/maday.html
Effective URL: https://gazivakfi.org/zld/
Submission: On May 19 via api from JP — Scanned from JP

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3035::ac43:ce20, located in United States and belongs to CLOUDFLARENET, US. The main domain is gazivakfi.org.
TLS certificate: Issued by GTS CA 1P5 on May 9th 2023. Valid for: 3 months.
This is the only time gazivakfi.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

Apex Domain | Subdomains | Transfer
16 gazivakfi.org | gazivakfi.org | 584 KB
7 gstatic.com | fonts.gstatic.com, www.gstatic.com | 40 KB
5 360-insurance.com | 360-insurance.com | 27 KB
3 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35), translate.googleapis.com (Cisco Umbrella Rank: 867) | 76 KB
1 google.com | translate.google.com (Cisco Umbrella Rank: 1201) | 28 KB
Total: 32 requests, 5 apex domains

Domain | Requested by
16 gazivakfi.org (1 redirects) | gazivakfi.org
5 360-insurance.com | 360-insurance.com
4 fonts.gstatic.com | gazivakfi.org
3 www.gstatic.com | gazivakfi.org, www.gstatic.com
2 fonts.googleapis.com | gazivakfi.org
1 translate.googleapis.com |
1 translate.google.com | gazivakfi.org
Total: 32 requests, 7 subdomains

This site contains links to these domains.

Domain
translate.google.com
Subject | Issuer | Validity | Valid
360-insurance.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-12 - 2024-05-11 | a year
gazivakfi.org | GTS CA 1P5 | 2023-05-09 - 2023-08-07 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.google.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months

This page contains 2 frames:

Primary Page: https://gazivakfi.org/zld/
Frame ID: F7882D9E5F480D9E5BE8353B4425344B
Requests: 35 HTTP requests in this frame

Frame: data://truncated
Frame ID: D02B3F3D8C5281856C25B54CEBDD11C2
Requests: 1 HTTP requests in this frame

Page Title

الصفحة غير موجودة. – Gazi Vakfı

Page URL History

  1. https://360-insurance.com/maday.html Page URL
  2. https://360-insurance.com/maday.html Page URL
  3. https://gazivakfi.org/zld/ Page URL
  4. https://gazivakfi.org/cdn-cgi/phish-bypass?atok=ZGaUPn65j4VIO8OfxT4UUjl4fEcRI.dhtf_pCjHlQc0-168449... HTTP 301
    https://gazivakfi.org/zld/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 86 %
Domains: 5
Subdomains: 7
IPs: 9
Countries: 2
Transfer: 755 kB
Size: 2465 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://360-insurance.com/maday.html Page URL
  2. https://360-insurance.com/maday.html Page URL
  3. https://gazivakfi.org/zld/ Page URL
  4. https://gazivakfi.org/cdn-cgi/phish-bypass?atok=ZGaUPn65j4VIO8OfxT4UUjl4fEcRI.dhtf_pCjHlQc0-1684494298-0-%2Fzld%2F HTTP 301
    https://gazivakfi.org/zld/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
maday.html
360-insurance.com/
212 B
552 B
Document
General
Full URL
https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
212
content-type
text/html
x-iinfo
8-58917611-0 0NNN RT(1684494296561 234) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18
_Incapsula_Resource
360-insurance.com/
178 KB
26 KB
Script
General
Full URL
https://360-insurance.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash
1761a529629927628238d9d2a30b62b3836f7a5cfbb74ee4ecf70dd43d6c8738

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
26212
content-type
application/javascript
_Incapsula_Resource
360-insurance.com/
29 B
56 B
XHR
General
Full URL
https://360-insurance.com/_Incapsula_Resource?SWHANEDL=6154777540012382304,16741411275091288115,7370624452736256148,449577
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
29
content-type
application/javascript
maday.html
360-insurance.com/
75 B
268 B
Document
General
Full URL
https://360-insurance.com/maday.html
Requested by
Host: 360-insurance.com
URL: https://360-insurance.com/maday.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
Apache /
Resource Hash

Request headers

Referer
https://360-insurance.com/maday.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html
date
Fri, 19 May 2023 11:04:57 GMT
last-modified
Sun, 07 May 2023 22:45:08 GMT
server
Apache
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
8-58917611-58917681 NNNN CT(50 57 0) RT(1684494296561 816) q(0 0 1 -1) r(2 2) U12
_Incapsula_Resource
360-insurance.com/
1 B
89 B
Image
General
Full URL
https://360-insurance.com/_Incapsula_Resource?SWKMTFSR=1&e=0.021528395387492072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.147.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.147.24.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://360-insurance.com/maday.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
360-insurance.com/
0
0

/
gazivakfi.org/zld/
4 KB
2 KB
Document
General
Full URL
https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f9e90592816f1f17936c54f9d1f3458cf34cf85af3848a2d864255cda82f25
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://360-insurance.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cf-ray
7c9bdcb30a6134c9-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 11:04:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMC6mEGy8xHmayBiws4saXmUJ7sRu97oP2A3YLHcvgyicuxhvqbgQKQPXor9LwU2FyOVfpTRJRcneVc6cyhnUeUzqim59YqVmuYfBv4nJ1Mv9J%2FXz8MXDDrDFosWJ9qf09b%2BXlOMoT9e%2FnK1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
gazivakfi.org/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 10:15:18 GMT
server
cloudflare
etag
W/"6465fab6-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7c9bdcb31a7734c9-NRT
expires
Fri, 19 May 2023 13:04:58 GMT
icon-exclamation.png
gazivakfi.org/cdn-cgi/images/
452 B
541 B
Image
General
Full URL
https://gazivakfi.org/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:04:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 10:15:18 GMT
server
cloudflare
etag
"6465fab6-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7c9bdcb33a9534c9-NRT
content-length
452
expires
Fri, 19 May 2023 13:04:58 GMT
Primary Request /
gazivakfi.org/zld/
Redirect Chain
  • https://gazivakfi.org/cdn-cgi/phish-bypass?atok=ZGaUPn65j4VIO8OfxT4UUjl4fEcRI.dhtf_pCjHlQc0-1684494298-0-%2Fzld%2F
  • https://gazivakfi.org/zld/
923 KB
133 KB
Document
General
Full URL
https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
2457c4b0d728082e4c8432a3eefdfc6763f2e072f232bd99c8a02eb428639ff2

Request headers

Referer
https://gazivakfi.org/zld/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7c9bdccc9ce334c9-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 11:05:05 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://gazivakfi.org/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wufXzIIPSW3FgYf5Nixp0GtpStZ%2FkvR2QNVbEX1fjvtfzOHK72h5MG6IuCJLcddBHOILOUGUIVFUoT2ypPghRHXjDumRZb1rMCLuCAlTRNt0%2FophH0%2FYOQJgKF9r16pi%2F2RUUvw4uDH6JbGc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34

Redirect headers

cache-control
private, no-cache
cf-ray
7c9bdccc8cdf34c9-NRT
content-length
167
content-type
text/html
date
Fri, 19 May 2023 11:05:02 GMT
location
https://gazivakfi.org/zld/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
wp-emoji-release.min.js
gazivakfi.org/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2.1
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
61
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5VuPhu6nE2WU7DKUBRCkKb9MIN70RKPaJTNIoDQ48%2F97wLx5kuYfr7juHfSjvRjILSImCzKFKngy1bTmbYFfa97JQeO1jGwadIpjFq3wuxCRYKus43inmhHiYfBytlFlkjPscfb1AvAtJTj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c9bdceadacc34c9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
386 B
710 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Candal%3A300%2C400%2C700&ver=6.2.1
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8bcef800867269a61c0c29a8d34fdcb69a7d565ac91549f7ede2e0d739cea7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 11:05:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 11:05:07 GMT
css
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Times+New+Roman%3A300%2C400%2C700&ver=6.2.1
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

jquery.min.js
gazivakfi.org/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
61
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zui1RsjfQpw9jyDhWBFWaVjUlmmo1CEDfKZWx2aeoG9MbKyNM468F0jY8CAAUUMAO2PQ86RMGap%2F5ltSbgrb%2FlKoiUXfHW4pkw4VVb2GzfCe3%2F5agzx6lYOz2WtxmaEDNKnJEPcrk%2FF2QuaV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c9bdceadacd34c9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-polyfill-inert.min.js
gazivakfi.org/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
61
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxT97dm1alfW8u8xJIMuE1K2xMen9Ha5tYQIkY14uiNoabQ%2BcvsA07hQw1C0qSL4Z6aW4o1Rmb512h9UGql9MFS%2Bu6UdMEuju3k6OoZQTJ4JtdwESaybEoDrULT6rqZv0erWaJ7UMWPHdcZH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c9bdceadacf34c9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
regenerator-runtime.min.js
gazivakfi.org/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Mar 2023 06:22:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
61
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fefr6WG9LpOUFblKrYm6p%2BPdEVJ4s5d0%2BjczQ0JzE9SroqgKZOmT%2F8DTmpB4mF1XkS96tEwYqAY4Qk%2BB4gwDwmhQUkVHMNlqHmae3cZjQ09qFag3RBwlaQhMg1cmulqDR5VS6hHQVDQhOZ95"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c9bdceadad134c9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-polyfill.min.js
gazivakfi.org/wp-includes/js/dist/vendor/
17 KB
7 KB
Script
General
Full URL
https://gazivakfi.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 06:24:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
61
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j44VDcMD6Pbx9tR%2FMw%2FR2FdbfFK0EBIazyAzj21p26fHPdhWfg2ZjyfZRunPdY1mXWGkBjYNkSMR8%2BbDBs%2FJVcCQDwCNOrtvcJtTcr7bPDh4zGkb6jrv2idlqI4%2FQJ%2BuuEcg0Ia2dIKZbLH0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7c9bdceadad234c9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
element.js
translate.google.com/translate_a/
80 KB
28 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a4e03a90c3143f03833c2cf9aed4760652403b313d9531c18a697ff7469452e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 11:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
autoptimize_9801e1c459c18fe3985c499281440817.js
gazivakfi.org/wp-content/cache/autoptimize/js/
635 KB
186 KB
Script
General
Full URL
https://gazivakfi.org/wp-content/cache/autoptimize/js/autoptimize_9801e1c459c18fe3985c499281440817.js
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd89a70328b1081ddd6c9ab55dd62b64fe2a0448287671244174ed5f7107d1b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 06:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrA1CGHp9hs9p5E%2FcV9%2B4wxrJHGqy1972P%2FEYDE068Jq%2BWIskorGir%2FkcBjYQ1STtS2W3W0tUzwq9svEXcD%2Fw8y0UV02a37Z2mDONwz6PKKbI6ZGxN8NgLkuVXmLboZmgsujfD%2FqFNStFHUk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=30672000, immutable
cf-ray
7c9bdceb6a4dafca-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 08 May 2024 11:05:07 GMT
truncated
/
86 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad9028c535cbac821881768c4a56bd111bde3e9c2f7e68f97aba5780224c9dcc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
86 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93236c6e908c4edbdc034eb3f6f71067d1d8c315243751da84b68330031c686a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 05:53:21 GMT
x-content-type-options
nosniff
age
537106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10256
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 05:53:21 GMT
fa-brands-400.woff2
gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Request headers

Referer
https://gazivakfi.org/zld/
Origin
https://gazivakfi.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jBhsSmkPgBYawnbpzTKYRKraIbCNmKBhtCpZLvDzJ3VRn2OGJWlGCq2HhQ7DOpbUanF9SigRQWQvhjwYjTy8Ie0Us%2FYxtY3AzaLPVSP2cxZI39S5gI1C8U4jrSL%2BxP03vG54%2BmQv5cS5tWq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c9bdceb7a63afca-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75368
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 23:23:21 GMT
x-content-type-options
nosniff
age
474106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 23:23:21 GMT
fa-solid-900.woff2
gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/
74 KB
74 KB
Font
General
Full URL
https://gazivakfi.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009

Request headers

Referer
https://gazivakfi.org/zld/
Origin
https://gazivakfi.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:07 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:36:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLWaDEsYjxcxnVOm0t3nBFg%2BGKex5gzMz9jGjQYddB8xhtkJJNMU0%2BB122ccib5WaZ8GKflV%2FGGtrttZdmnIEtYv70gDkSNTNsNOMeUAWWspbKg6nRXSUC0ETTPeCkmVXESG%2FoadQ15Rc6eJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c9bdceb7a64afca-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75760
Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazivakfi.org/
Origin
https://gazivakfi.org
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 13:56:00 GMT
x-content-type-options
nosniff
age
508147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 13:56:00 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/
25 KB
5 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.72968C3h_nw.O/d=1/rs=AN8SPforiAjvs_wr-XkEmRlO91b9FW3Mqg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7db470720bc87269e9bf81c2da2649d4f59d54eb54ca5ed4547855758d6688a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 03:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4396
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 00:11:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 03:06:26 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ja.72968C3h_nw.O/d=1/exm=el_conf/ed=1/rs=AN8SPforiAjvs_wr-XkEmRlO91b9FW3Mqg/
212 KB
75 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.ja.72968C3h_nw.O/d=1/exm=el_conf/ed=1/rs=AN8SPforiAjvs_wr-XkEmRlO91b9FW3Mqg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.ja.72968C3h_nw.O/d=1/rs=AN8SPforiAjvs_wr-XkEmRlO91b9FW3Mqg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffea0cf1484fbe59be4ce5589334d626fddf343222b68a9b962c8b5db82b7e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 19:04:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76155
x-xss-protection
0
last-modified
Tue, 16 May 2023 23:09:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 May 2024 19:04:47 GMT
truncated
/ Frame D02B
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 04:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3340
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 14:24:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 May 2024 04:13:55 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/zld/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:09:35 GMT
x-content-type-options
nosniff
age
366932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 14 May 2024 05:09:35 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.69JJaQ5G5xA.L.W.O/d=0/rs=AN8SPfpC36MIoWPngdVwZ4RUzeJYZaC7rg/m=el_main_css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 05:48:09 GMT
x-content-type-options
nosniff
age
19018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 18 May 2024 05:48:09 GMT
truncated
/
475 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
gazivakfi.org/wp-content/plugins/google-language-translator/images/
54 KB
54 KB
Image
General
Full URL
https://gazivakfi.org/wp-content/plugins/google-language-translator/images/flags.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:09 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Apr 2022 14:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCiTkRaQ71iVTOMdvH4x2mPF%2FiKAzw%2FXVsxYPh9uU4qHxRwydV%2FCgRihg8D0i%2FMMRt%2FkzI0AnLsNZfKuT793c0222lVWw5zvwkjiyw3a3zTQaR9un0lGhUfmrZE7mxgjCAX0Oh6IsNf7tzEl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c9bdcf30ad4afca-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54996
/
gazivakfi.org/
635 B
828 B
XHR
General
Full URL
https://gazivakfi.org/?wc-ajax=get_refreshed_fragments
Requested by
Host: gazivakfi.org
URL: https://gazivakfi.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
0140c626ee53e328ca4fb01f8110f8bf2de538c089e60a34045aed983286b732
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://gazivakfi.org/zld/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 19 May 2023 11:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iV3HJsj1Wa4fbDg9J2loqNLQYvp2Kx%2B5spO6UbT0GeOmXAGMe1HISmd5rHHPnOC45bScJ8hqc0NZzVFP8jsHUTKsyDT25fImLp2CQAVB3YthPTjR%2BFrt0xIvero9a552NNatjooylu5NkYt"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gazivakfi.org
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
7c9bdcf31ad8afca-NRT
expires
Wed, 11 Jan 1984 05:00:00 GMT
gazivakfi.png
gazivakfi.org/wp-content/uploads/2022/01/
4 KB
5 KB
Image
General
Full URL
https://gazivakfi.org/wp-content/uploads/2022/01/gazivakfi.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ce20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4e362872b85503281754e458ef06019efaf77453953483d49cad7ec350548a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gazivakfi.org/zld/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 11:05:08 GMT
cf-cache-status
BYPASS
last-modified
Sat, 22 Jan 2022 18:16:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAKrBGQ1i3ZHQQEBoz%2B%2FZpWcCMG8u8TcQaPO041VoCELUGTUqLtEYwQJbO6EtkK27ViAOw62FplbHafcZEq9WIg1zNyNRMmQIiBEP7foa1CH0HSKpYQllFf%2FDtsyYBGzOUseb2rcGDiHBGXD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
private
accept-ranges
bytes
cf-ray
7c9bdcf4bc10afca-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4167

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
360-insurance.com
URL
https://360-insurance.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A0%2Cc%3A149%2Cr%3A426)

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| wc_add_to_cart_params function| setREVStartSize object| RS_MODULES function| GoogleLanguageTranslatorInit object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| 
_exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| woocommerce_params object| wc_cart_fragments_params object| xtra_strings object| closure_lm_946470 function| GLTFireEvent function| doGoogleLanguageTranslator object| Codevz object| Codevz_Plus object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID boolean| _R_is_Editor function| Cookies object| forbiddenTag string| numberType object| forbiddenClass object| className boolean| res

3 Cookies

Domain/Path Name / Value
.360-insurance.com/ Name: visid_incap_2707971
Value: fcGviXS6TjSo1nLH/wf1s9hXZ2QAAAAAQUIPAAAAAADSy6G4j3zmSmGChhBv1xcm
.360-insurance.com/ Name: incap_ses_544_2707971
Value: DsEFB1BIbGqmLBH8Da6MB9hXZ2QAAAAA4Ket1UijrREZkIygdCsXDQ==
.gazivakfi.org/ Name: __cf_mw_byp
Value: ZGaUPn65j4VIO8OfxT4UUjl4fEcRI.dhtf_pCjHlQc0-1684494298-0-/zld/

2 Console Messages

Source: network, Level: error
URL: https://gazivakfi.org/zld/
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://fonts.googleapis.com/css?family=Times+New+Roman%3A300%2C400%2C700&ver=6.2.1
Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
